Webhostingtalk attack

[rezag]

Just got the mass email from SoftWareRevue of WHT:

It's been pretty hectic around here, but I wanted to make sure as many members as possible know what's going on. At approximately 8:30 pm EST on Saturday, March 21 The malicious attacker deleted all backups from the backup servers within the infrastructure before deleting tables from our db server. We were alerted of the db exploitation and quickly shut down the site to prevent further damage.

I haven't been there in months and I got to say I am pretty shocked to see WHT successfully targeted and to this extent.

The offsite backup, the onsite backup and the operational data were destroyed by the attacker

Over the years I have sometimes, time allowing, followed the threads there including the ones about their own issues.
I guess the lessons that will eventually be learnt from this are going to be sobering.

 

[bdmorrison]

If they off-site tape, you can't delete those!

 

[rezag]

You are right, one of the primary lessons here is the need for a physical backup. For large enough sites and businesses that should be seriously considered.

 

[Jeren]

It's a shame that some people will hack a site like WHT and then sell the usernames and email addresses online... It's all about greed.

And yes, physical backups are important. I've learned that a few different types (both on- and off-line).