DreamHost, a web hosting service boasting more than 300,000 customers, initiated a forced reset of user passwords earlier this week after discovering a potentially harmful network intrusion.
"The bad news is that we detected access to one of our databases and took rapid action to protect customer accounts and passwords," explained chief executive Simon Anderson in a letter to customers. "The good news is that it does not appear that any significant malicious activity has occurred on any customer accounts as a result of the illegal access."
According to Anderson, DreamHost's database servers were illegally accessed as a result of a zero-day exploit. Further data security analyses provided by intrusion detection mechanisms determined that customers' File Transfer Protocol (FTP) and shell access passwords were the only records exposed. Anderson stressed that transactional data, billing addresses and personal information were neither accessed nor obtained in the attack.
The email and web panel passwords required to manage customer sites were left unaffected, prompting company officials to manually reset only the FTP and shell access passwords. However, customers were advised to refresh their login credentials on their own, particularly if passwords had been recycled and used across multiple online accounts.
The company will continue to monitor customer accounts for any further signs of suspicious activity, according to PCWorld. Early reports suggested that the data breach may have led to a rash of malware infestations across customer websites, but an independent security firm debunked that assertion by noting that outdated software solutions deployed by customers were the more likely source of vulnerability.
It appears as though effective network monitoring and swift intervention may have saved the day for DreamHost, although the situation is still developing. These lessons may be particularly valuable across industries at a time when cyberattacks and data breaches show no signs of slowing down.
According to the Identity Theft Resource Center, hacking attacks were responsible for one out of every four data breaches recorded in 2011, representing a five-year high. When combined with the prevalence of insider threats, the two malicious strategies accounted for nearly 40 percent of all incidents reported last year.
With the rise of mobile and cloud computing sending data to a greater variety of endpoints and stretching network perimeters to a global scale, information security experts suggest it may be more worthwhile to bolster data-level protections. Instead of struggling to detect abnormal traffic patterns, many are focusing on locking down data before it is exchanged.
Security News from SimplySecurity.com by Trend Micro