Web Host's Unencrypted Passwords HackedDreamHost Resets Passwords for All Customers
Web-hosting provider DreamHost reset all FTP/shell passwords for its customers after a hacker gained access to certain unencrypted passwords. The company hosts more than 1 million domains.
See Also: 7 SIEM Trends to Watch in 2019
In a blog post, CEO Simon Anderson explains that on Jan. 20, a hacker discovered a legacy pool of some unencrypted FTP/shell passwords in a database table that had not been deleted. "We've now confirmed that there are no more legacy unencrypted passwords in our systems," Anderson says.
DreamHost has more than 1,500 servers and 100 employees.
The company's intrusion-detection system detected the incident and alerted the security team, which identified the means of illegal access and blocked it, Anderson says. As a result, all customers' FTP/shell passwords were reset.
No web-panel passwords or e-mail passwords were accessed or affected, Anderson says, and no customer billing information or other personal information was accessed.
So far, no malicious activity has occurred as a result of the breach, Anderson reports.
DreamHost also has responded to the breach by implementing changes to prevent similar attempted hacks, the CEO says. And it's performing a security review, including a detailed review of customer input on potential vulnerabilities.
"Defending against cyber attacks is unfortunately an everyday part of business for Internet companies, so we're constantly evolving our security measures to prevent them," Anderson says.
DreamHost has created a web page to inform customers about updates and actions being taken in response to the data breach.