Slicehost Forum User database compromised (opens in new tab)

(rackspace.com)

36 pointsvimalg214y ago13 comments

13 comments

I'm not sure if I've been sensitised to PR weasel-wording that these things tend to gather (and get blasted for in HN comments), but it's quite refreshing to see something as blunt as "We apologize for our failure to maintain an adequate level of security on our public Slicehost forum, and for any inconvenience this may cause you."

No "mistakes were made", or "We're sorry if you're unhappy about this issue" or any of the other Non-apology apologies[1]

[1] https://en.wikipedia.org/wiki/Non-apology_apology#The_Perfec...

1 more reply

fletchowns14y ago

You probably adhere to Internet best practices

Bringing up this point might be a better thing to close with, after you communicate what happened. This is the real world, miles from best practices.

They really need to provide a few more details as to why they believe the database was compromised, not much of an explanation offered here.

stock_toaster14y ago

> You probably adhere to Internet best practices

To me that read like an attempt to shift a bit of blame and some subtle framing.

shabble14y ago

Second only to: "Simple, you just revert to your most recent complete backup"

mphi14y ago

A couple of years ago I started receiving a lot of spam to rackspacecloudservers@firstnamelastname.com. I've opened support tickets asking whether they had a known breach but they simply closed my tickets without explanation, and any attempt to use their live chats were closed immediately by their staff or completely ignored. I used to hold Rackspace in such high esteem; I wonder what happened?

kijin14y ago

First Linode and now Slicehost. What's happening to quality VPS these days?

Just a wild guess here, but perhaps the same person who compromised Linode's customer service portal was also trying to see if any of his targets were reusing their Slicehost account credentials in the forum?

ceol14y ago

Hosting providers being compromised is nothing new.

Joakal14y ago

Probably someone leaking from the inside due to money/incompetence? That makes their PR go worst though. There's a myriad of scenarios.

They can only be upfront and show how well they respond to the situation including mitigating future security issues.

driverdan14y ago

A support forum being compromised is much different than using the company's internal tools to root systems. I'm guessing they use a 3rd party support forum (eg vBulletin). Maybe a vulnerability in it lead to the breach?

joshkaufman14y ago

Yes - they used Vanilla Forums (http://vanillaforums.org/)

geuis14y ago

Just logged in but was not prompted to reset my password. Re-read the statement a couple times, but its pretty clear this should have happened.

elithrar14y ago

> Just logged in but was not prompted to reset my password. Re-read the statement a couple times, but its pretty clear this should have happened.

To the forum, or to their management site? Only the forum was compromised, and heading to http://forum.slicehost.com/ takes you here: http://www.rackspace.com/knowledge_center/content/slicehost-...

pasbesoin14y ago

From the OP's text:

However, if you used your Slicehost forum I.D. and password in other places, including any Rackspace account, we recommend that you change those I.D.s and passwords. In fact, the next time you attempt to access the Slice Manager, you will be required to change your password. If you use the same password for the forum and for your Slicehost account, and you also use an API key, we recommend that you consider changing the API key as well.

j / k navigate · click thread line to collapse

13 comments

shabble14y ago

No "mistakes were made", or "We're sorry if you're unhappy about this issue" or any of the other Non-apology apologies[1]

[1] https://en.wikipedia.org/wiki/Non-apology_apology#The_Perfec...

1 more reply

fletchowns14y ago

You probably adhere to Internet best practices

Bringing up this point might be a better thing to close with, after you communicate what happened. This is the real world, miles from best practices.

They really need to provide a few more details as to why they believe the database was compromised, not much of an explanation offered here.

stock_toaster14y ago

> You probably adhere to Internet best practices

To me that read like an attempt to shift a bit of blame and some subtle framing.

shabble14y ago

Second only to: "Simple, you just revert to your most recent complete backup"

mphi14y ago

kijin14y ago

First Linode and now Slicehost. What's happening to quality VPS these days?

ceol14y ago

Hosting providers being compromised is nothing new.

Joakal14y ago

Probably someone leaking from the inside due to money/incompetence? That makes their PR go worst though. There's a myriad of scenarios.

They can only be upfront and show how well they respond to the situation including mitigating future security issues.

driverdan14y ago

joshkaufman14y ago

Yes - they used Vanilla Forums (http://vanillaforums.org/)

geuis14y ago

Just logged in but was not prompted to reset my password. Re-read the statement a couple times, but its pretty clear this should have happened.

elithrar14y ago

> Just logged in but was not prompted to reset my password. Re-read the statement a couple times, but its pretty clear this should have happened.

To the forum, or to their management site? Only the forum was compromised, and heading to http://forum.slicehost.com/ takes you here: http://www.rackspace.com/knowledge_center/content/slicehost-...

pasbesoin14y ago

From the OP's text:

j / k navigate · click thread line to collapse