DreamHost has issued a security warning to all customers as of January 20, 2012 at 9:25am Pacific Time.
Last night we detected some unauthorized activity within one of our databases. While we don’t have evidence that customer passwords were taken at this time, we’re forcing a change out of caution. Please log in to our web panel and change any passwords you may have with us. We’ll keep this post updated as we get more information.
When logging into the DreamHost Web Panel, the following warning appears at the top of the page:
Due to some unauthorized activity we detected within one of our databases, we have forced a reset of all FTP/SFTP and shell passwords as a precaution.
Please visit the “Users > Manage Users” tab immediately to change any passwords you may have with us.
You can keep up to date with this issue as it progresses on the DreamHost Status blog at:
http://www.dreamhoststatus.com/2012/01/20/changing-ftpshell-passwords-due-to-security-issue/
There have been numerous updates through the day. Click here for the latest status on DreamHost servers.
Be sure to log in immediately and change your passwords.
We also strongly suggest you make a complete backup of your website files and databases.
DREAMHOST STATUS UPDATES
Update Jan 21st, 11:00am PST: Password changes are still processing, albeit slowly. At this time we estimate that any password change will take approximately 1-2 hours to fully update in our system. We sincerely apologize for the delay in these changes taking effect. -Oscar
Alex Sysoef says
Thanks for sharing Regina,
I posted your message on my FB and Twitter to make people aware.
Regina Smola says
Thanks Alex for helping make people aware. I appreciate it. I hope they get their issues resolved. I've been fixing a lot of hacked sites on DreamHost lately. Yikes!
Regina Smola says
Just updated this post with a new status from DreamHost…
Update Jan 21st, 11:00am PST: Password changes are still processing, albeit slowly. At this time we estimate that any password change will take approximately 1-2 hours to fully update in our system. We sincerely apologize for the delay in these changes taking effect. -Oscar
Wow! That's a long time to update a password.
Lindsey Labor says
I had 10 sites hacked back in October. Dreamhost let me know about the hacking 2 weeks after I’d already discovered and resolved the issue. Then last week I noticed some problems on all my sites again and let Dreamhost know. All I got was an automated series of emails telling me I should upgrade my WordPress and plugins. Little did they know everything was already updated and (like in October) I believe the hacking either came from accessing my FTP account details or through Dreamhost because many of the rogue files were also present in my HTML websites. Thanks very, very much for your update… I like Dreamhost but think they need to upgrade their security game somewhat.