| 1 |
On 9/21/07, Grant <emailgrant@×××××.com> wrote: |
| 2 |
> Hello, |
| 3 |
> |
| 4 |
> As I have previously posted about, my host sent me an email a few days |
| 5 |
> ago stating that support tickets for 5,000-6,000 of their clients had |
| 6 |
> been broken into. I checked my records and found that my root |
| 7 |
> password had previously been submitted in a support ticket. I then |
| 8 |
> decided I needed to reinstall my system. |
| 9 |
> |
| 10 |
> I requested that my host allow me access to a second machine for 2-5 |
| 11 |
> days while I switch over to a clean system, after that I would turn |
| 12 |
> the old system over to them and continue with the new system. |
| 13 |
> |
| 14 |
> My request was denied! I'm blown away by this. Was I asking too much? |
| 15 |
> |
| 16 |
|
| 17 |
Information that was valuable leaked because they screw it, so, no |
| 18 |
matter what terms of service say, they must fix their own mistakes. If |
| 19 |
the machine crashes, the data center is burned down to the ground or |
| 20 |
the manager's kid pull the plug on the main server, that's a situation |
| 21 |
where they can say "not our fault, deal with it". But in your case |
| 22 |
their support system had a breach, and thus its their fault. They must |
| 23 |
provide you the means to ensure that YOUR information is safe, cause |
| 24 |
they caused the incident in the first place. You're unsure about your |
| 25 |
information, and information is money. |
| 26 |
|
| 27 |
If I were you I would be backing up my data by now, would then request |
| 28 |
a physical backup and after I get it: |
| 29 |
|
| 30 |
1) Send them email about the actions I'm about to take. |
| 31 |
2) Move away from their services and look for a better server. |
| 32 |
3) Write a cool blog entry about their services and how secure they are. |
| 33 |
|
| 34 |
Of course they could answer the (1) email granting your requests and |
| 35 |
maybe you wouldn't have to take steps (2) and (3). Happened to me |
| 36 |
once. |
| 37 |
-- |
| 38 |
gentoo-user@g.o mailing list |
Archives