DreamHost, the popular web hosting provider, has warned customers that one of its database servers has been illegally accessed by a hacker, and that the FTP and shell access passwords of some customers may have been compromised.
If it was the case that passwords were taken, that information would certainly be useful to cybercriminals, as they could use it to access innocent users’ websites and change their contents – perhaps to embed malicious code onto webpages.
As a precautionary message, DreamHost has reset their customers’ passwords.
Sadly, no information has been forthcoming as to how a hacker might have been able to gain access to one of DreamHost’s internal servers. Hopefully the firm is investigating and fixing any potential security vulnerabilities which might expose customer information in future.
Of course, if…
Read more in my article on the Naked Security website.