Get the lowest-cost and the best server colocation service in the business. Learn more.
Information Technology News.


Linode's service outage nightmare continues, company resets all passwords

Share on Twitter.

Get the best SMTP service for your business. Guaranteed or your money back.

January 6, 2016

The ugly nightmares are piling up at Linode, and the company is very busy right now trying to address the multiples issues it has to fix.

Two days ago we reported that Linode was hit by a massive DoS attack on Christmas day that brought its whole infrastructure to its knees.

The server hosting firm just run a system-wide password reset on all customer accounts after two Linode.com user credentials were discovered on an external machine.

The service advisory says the leak “implies user credentials could have been read from our database, either offline or on, at some point."

It sounds as if miscreants may have infiltrated the company's systems. “The user table contains usernames, email addresses, securely hashed passwords and encrypted two-factor seeds,” Linode's statement continues.

This is curious since if the passwords were "securely hashed," attackers shouldn't have been able to recover them in the first place.

Linode's alert added that the credentials were discovered during an investigation after authorized logins into three customer accounts. Linode says it's unable to speculate about whether these suspect logins are related to the crippling denial-of-service attacks that hammered its servers offline on December 25.

Hackers often use distributed denial-of-service (DDoS) assaults to distract security staff from database infiltrations.

The immense floods of junk packets are continuing, particularly against Linode's DNS infrastructure, and that's a major issue for the company.

Linode has temporarily disabled the AFXR protocol (used for DNS database replication across multiple servers). Its blog has also been targeted, perhaps in an attempt to make it harder for customers to get information.

Source: Linode.

Get the best SMTP service for your business. Guaranteed or your money back.

Share on Twitter.

IT News Archives | Site Search | Advertise on IT Direction | Contact | Home

All logos, trade marks or service marks on this site are the property of their respective owners.

Sponsored by Sure Mail™, Avantex and
by Montreal Server Colocation.

       © IT Direction. All rights reserved.