Softaculous Internal Infrastructure Security Breach
mikho
AdministratorHosting ProviderOG
Found this email in my spam folder.
Its from Aug 9th.
Heads up!
Salutations,
We are writing this email to inform you about a security breach in our infrastructure.
We have detected an unauthorised access to some of our mirror servers.
We have taken immediate steps to move and secure our infrastructure, isolate and protect customer data and engage with third party experts. While doing so customers had experienced some downtime from our websites and servers.
None of our customers servers are impacted in this incident. Our server software products Softaculous, Virtualizor and Webuzo v3 are audited regularly by 3rd party auditors and security experts with each new version launched. We have also initiated an additional audit of all our software.
These servers hosted the customers name, address, license information and hashed passwords of customer accounts who license our software (with individual salts per user for encryption). No credit card information was stored on these servers.
We store the account's password in an encrypted format with a unique salt per user which would be infeasible for anyone to derive your original password from. Hashed passwords are secure, but we recommend you change your account's password and will be setting an expiry on existing passwords. When you reset your password, please use a strong and unique password.
As an added precautionary measure we recommend customers take immediate action on their own infrastructure and reset any credentials or authentication details that have been shared with our support team while our security team and third party experts continue to assess the nature of this issue.
API keys of NOC users (if any) which are used to purchase/renew/cancel licenses will be restricted to be accessed by 1 IP only and will expire on 15th August 2022 to avoid any possible license manipulation. You can login to your NOC account and generate new API keys to continue using the NOC API using API Key based authentication.
We have taken several steps to improve the security of our infrastructure and our customer base at large.
We apologize and reassure you that security of our software and infrastructure and our customers data is very important and will continue to be a priority for everyone at our company.
If you have concerns, you are welcome to get in touch with us at [email protected]
Sincerely,
The Softaculous Team
Comments
Yes we have received this as well but kind of old news. I thought there is a new issue again ...
HostDare - Best webhosting provider! | Our premium vps plans | Cheap Shared Hosting
what worries me is that the email ended up in my spam folder which caused me to not see it until now.
https://clients.mrvm.net
Their support email was not properly configured for a week or so during that hacking period. I believe these emails were sent with the same issue. chats on virtualizor website were not working during that period ( or disabled).
HostDare - Best webhosting provider! | Our premium vps plans | Cheap Shared Hosting
Post by "Brijesh" Internal Infrastructure Security Breach
No replies or updates
VPS reviews and benchmarks |
So not a password hash, but a “hashed password,” i.e. they did actually store user passwords (encrypted at least), but won’t call it like that because then it sounds as bad as it is?
Detailed info about providers whose services I've used:
BikeGremlin web-hosting reviews