Several days ago, I got 500 Internal Server errors while trying to access my blog and WordPress admin panel, so I immediately sent a ticket to Dreamhost’s support staff. Right after that, I accessed Dreamhost’s status page to check if there were known issues or problems with the servers or hosting in general. In a recent post, I read one person mention something about an FTP password security breach in Dreamhost. I totally forgot about it and I didn’t get to find out what it was all about.
Then earlier today, I received this email from Dreamhost:
A very small subset of our user accounts have been compromised due to a security flaw in our web control panel software. We have already notified those of you affected directly via email, aside from dedicated server customers who are being notified right now. If you are not on a dedicated server and you have not gotten an email from us, your account has not been compromised and is likely safe. It’s still a good idea to change your ftp and web control panel password as a precautionary measure.
The security flaw allowed the attackers to log into our web panel with the access privileges of another user. From our web panel they were able to access individual user password information. The attackers also attempted to gain access to our central database and billing information but were ultimately thwarted in that attempt. No credit card information or customer personal information was obtained.
After reading this, I went and tried to do a Google search on this incident. I found out that about 3,500 separate FTP account passwords were leaked and used by hackers in an effort to gain access to the database and billing information of Dreamhost.
Right at that moment, I logged on to my Dreamhost web panel and changed all my passwords. Then I checked my folders and files to see if there were any changes made and also checked if there were files uploaded without my knowledge.
I know of some Dreamhost clients who left and moved to a different web host after this incident. Me? I think I’ll stay for now but it does make me think of looking for a better web host just in case I need to move.