Tweet
Horribly HACKED :( - not vBulletin's fault (so FYI...)
My site with 100's of users using it everyday has been hacked. This is not the fault of vBulletin - but another company sent me this email:
=========================
This is the worst possible thing that could happen. I'm currently travelling, I have had to turn off my site: www.mazdarotaryclub.com for now.
These hackers now have 1000's of legitimate email addresses for spamming now - I feel sick to the stomach!!!!!!!
A restore may get things going again, but this is just so bad. I hope no-one else has had this issue.
=========================
Dear valued customer.
We regret to report that the database where we store our customers ftp and application logins has been compromised. Please change your FTP and your oscommerce/creloaded admin passwords immediately.
About the compromise. The passwords stored in tasklife.com are stored for use in during projects. There was an exploit that was closed once notified by the developers. However, someone was able to get the database during this exposure.
In the future we will not store FTP passwords in the database, only host and usernames. Also we will not ask for admin access to your stores, but rather have you create new admin users for our project sales rep, who will create admin users for the developers.
Using this method for admin access, the passwords are all emailed directly to the developer and the developer will change the admin password once logged into the admin.
We apologize for the incident and will work with you to repair any files altered. Please do not reply to this email, if you need assistance please contact us via the tasklife.com system on your project.
Regards,
Salvatore F. Iozzia
Founder, President and CTO
Chain Reaction Web and Ecommerce
www.chainreactionweb.com - www.creloaded.com
We regret to report that the database where we store our customers ftp and application logins has been compromised. Please change your FTP and your oscommerce/creloaded admin passwords immediately.
About the compromise. The passwords stored in tasklife.com are stored for use in during projects. There was an exploit that was closed once notified by the developers. However, someone was able to get the database during this exposure.
In the future we will not store FTP passwords in the database, only host and usernames. Also we will not ask for admin access to your stores, but rather have you create new admin users for our project sales rep, who will create admin users for the developers.
Using this method for admin access, the passwords are all emailed directly to the developer and the developer will change the admin password once logged into the admin.
We apologize for the incident and will work with you to repair any files altered. Please do not reply to this email, if you need assistance please contact us via the tasklife.com system on your project.
Regards,
Salvatore F. Iozzia
Founder, President and CTO
Chain Reaction Web and Ecommerce
www.chainreactionweb.com - www.creloaded.com
This is the worst possible thing that could happen. I'm currently travelling, I have had to turn off my site: www.mazdarotaryclub.com for now.
These hackers now have 1000's of legitimate email addresses for spamming now - I feel sick to the stomach!!!!!!!
A restore may get things going again, but this is just so bad. I hope no-one else has had this issue.
Comment