By Liam Eagle
October 17, 2008
(WEB HOST INDUSTRY REVIEW) -- Dedicated and managed hosting provider The
Planet (www.theplanet.com) issued a notice to customers Thursday,
informing them of a security breach the company had detected, and
recommending certain steps customers could take to protect their
accounts from further compromise.
"In the course of the last two days, our Computer Security Incident
Response Center team has identified suspicious activity in our customer
management portal," said the email sent to customers. "We have
identified what appears to be a security breach that may have affected
your customer portal account and server passwords. We have identified
the methods by which the systems were compromised and have closed those
holes. In addition to those actions, we will be implementing additional
security measures to further strengthen the infrastructure and systems."
In a phone interview with the WHIR Friday, The Planet's vice president
of technology Will Charnock said the breach is believed to be the result
of a compromised employee account - something the company has never
encountered in the past. According to the security investigation up to
this point, only two user accounts were definitely affected, and no
credit card information is believed to have been compromised.
The company says it moved quickly to repair the breach and contacted all
of its approximately 25,000 customers to advise them to take a few "best
practices" type precautions in the interest of remaining as secure as
possible: changing logins and passwords for Orbit (The Planet's customer
portal) immediately, and every 60 days following; doing the same with
server passwords; being alert to suspicious activity on accounts; and
retaining access logs and contacting the company if suspicious activity
Register now for HITBSecConf2008 - Malaysia! With
a new triple-track conference featuring 4 keynote
speakers and over 35 international experts, this
is the largest network security event in Asia and
the Middle East!