安全播报:OneProvider用户数据泄露,请及时修改密码

oneprovider.png

昨天在全球主机交流论坛看到有网友反映 OneProvider 发生用户数据泄露事件;主机大巴今天也收到了 OneProvider 发来的安全提示邮件,邮件中称:

近期 OneProvider 数据库备份被未经授权的用户访问检索,可能已经导致用户数据泄露,泄露内容包含:客户信息,用户密码等(但不包括付款信息)。为了账户安全,建议所有用户立即修改密码,并启用二次验证。

邮件详细内容如下:

Dear customer,

We have discovered on February 18th an unauthorized access to a frontend entity of our infrastructure. Following investigation, it was determined that a limited amount of customer data was briefly consulted. While the unauthorized access was rapidly contained, the affected customers were immediately informed of the details in a separate message.

On February 21th, we have found that the incident was unfortunately more important than we originally believed. It is highly likely that a deprecated database backup, dating from December 2016, was partially retrieved.

The retrieved portions of the database contained: Customer Information, including hashed login passwords (to OnePanel).

The database does not contain payment information.

Because we take this situation very seriously, we have taken every appropriate measure to further secure our infrastructure and increase our security.

While your services are unlikely to have been compromised, we would like to remind you to make a habit of always changing the root passwords of your newly delivered servers.

As an additional measure of security, we have implemented an automatic password update feature that will prompt you to update your password every 6 months. You will see this feature upon your next login. We have also reset accesses for all inactive accounts. We also remind you that you can monitor the activity of your account at any time in the 'Account' section in both the "Activity Log" menu and the "Sessions" tab in the Account page.

We deeply apologize for what we realize is a grave situation, and for any inconvenience caused. Your account managers and our support team remain available for any questions you may have, or to assist you in examining as well as securing your infrastructure. We are taking the necessary steps with the concerned authorities.

Regards,

OneProvider.com

参考阅读

hostloc - OneProvider发生用户数据泄露

猜您喜欢

发表评论

icon_mrgreen.gificon_neutral.gificon_twisted.gificon_arrow.gificon_eek.gificon_smile.gificon_confused.gificon_cool.gificon_evil.gificon_biggrin.gificon_idea.gificon_redface.gificon_razz.gificon_rolleyes.gificon_wink.gificon_cry.gificon_surprised.gificon_lol.gificon_mad.gificon_sad.gificon_exclaim.gificon_question.gif