[ISN] The Planet Warns of Security Breach

From: InfoSec News <alerts_at_private>
Date: Mon, 20 Oct 2008 02:15:53 -0500 (CDT)

By Liam Eagle
October 17, 2008 

(WEB HOST INDUSTRY REVIEW) -- Dedicated and managed hosting provider The 
Planet (www.theplanet.com) issued a notice to customers Thursday, 
informing them of a security breach the company had detected, and 
recommending certain steps customers could take to protect their 
accounts from further compromise.

"In the course of the last two days, our Computer Security Incident 
Response Center team has identified suspicious activity in our customer 
management portal," said the email sent to customers. "We have 
identified what appears to be a security breach that may have affected 
your customer portal account and server passwords. We have identified 
the methods by which the systems were compromised and have closed those 
holes.  In addition to those actions, we will be implementing additional 
security measures to further strengthen the infrastructure and systems."

In a phone interview with the WHIR Friday, The Planet's vice president 
of technology Will Charnock said the breach is believed to be the result 
of a compromised employee account - something the company has never 
encountered in the past. According to the security investigation up to 
this point, only two user accounts were definitely affected, and no 
credit card information is believed to have been compromised.

The company says it moved quickly to repair the breach and contacted all 
of its approximately 25,000 customers to advise them to take a few "best 
practices" type precautions in the interest of remaining as secure as 
possible: changing logins and passwords for Orbit (The Planet's customer 
portal) immediately, and every 60 days following; doing the same with 
server passwords; being alert to suspicious activity on accounts; and 
retaining access logs and contacting the company if suspicious activity 
is suspected.


Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
Received on Mon Oct 20 2008 - 00:15:53 PDT

This archive was generated by hypermail 2.2.0 : Mon Oct 20 2008 - 00:24:49 PDT