Saw the news on Massive Voodoo's Facebook update, and looks like it's back to normal now. (Grabbed the pic here) Chern Ann, an admin, posted that it was their webhost, www.inmotionhosting.com that got hacked, which I just confirmed it since I know some others using them. (No notice from In Motion either, apparently)
Chern says all passwords are encrypted, but that's just a question of time. Even though they've fixed the site, there hasn't been an email to warn us about the hack and there isn't a news post on the site. Personally, that's just bad business.
If you had a CMON account, you should do two things, right now:
- Change your password.
- Login
- Click "My Profile" (top right)
- Click "Edit Profile" (left)
- Click "Edit Email & Password" (middle)
- Change your password on any websites you used the same PASSWORD and EMAIL to sign up, especially if you used the SAME password for your EMAIL.
I know it's a pain, but odds are that the hackers will have all that data sooner or later.
[Update, 11am]
Looks like an index.php was dropped into the first few levels of all websites hosted with In Motion at around 4am last night. Was data compromised? It could have been. It all depends how long the hackers had access before putting up their splash page... in theory they could have had access for days or more and downloaded whatever they wanted.
Point still remains - change your CMON password and change your password anywhere you use that password / email combination to be safe. Need a password? Look around you and choose 4 things - that's your new password, relying on length for security.
[Update, 5pm]
Their website's totally down now... possibly a failed restore? Two people I know who had their sites compromised were up and running by mid-day after taking all sorts of post-hack security precautions. I can confirm that no data was deleted... databases are still intact, but CMON hasn't sent out an email to users yet... tsk tsk.
[Update, 11am]
Looks like an index.php was dropped into the first few levels of all websites hosted with In Motion at around 4am last night. Was data compromised? It could have been. It all depends how long the hackers had access before putting up their splash page... in theory they could have had access for days or more and downloaded whatever they wanted.
Point still remains - change your CMON password and change your password anywhere you use that password / email combination to be safe. Need a password? Look around you and choose 4 things - that's your new password, relying on length for security.
[Update, 5pm]
Their website's totally down now... possibly a failed restore? Two people I know who had their sites compromised were up and running by mid-day after taking all sorts of post-hack security precautions. I can confirm that no data was deleted... databases are still intact, but CMON hasn't sent out an email to users yet... tsk tsk.
Still down friend.
ReplyDeleteCS
Yeah what am I supposed to do if it is down though and still no notification from them. Pretty bad form especially in a business capacity (I have never used the forums, only the shop).
ReplyDelete@Shofer: yep
ReplyDelete@Red: You may not be able to change your account stuff w/ them, but if you use that email and password to sign up anywhere else, you'll want to change those passwords in the meantime.