Please post all pre-sales questions of all products on this forum

Information about our hosting security issue!

  • Tuan Pham Ngoc
  • Topic Author
  • Offline
  • Administrator
  • Administrator
More
9 years 6 months ago #53268 by Tuan Pham Ngoc
Information about our hosting security issue! was created by Tuan Pham Ngoc
Dear all,

As you know, today, our hosting account was hacked. The hacker got a small part of our users information (only name and email) and emailed to these users that their sites were hacked. Infact, these sites are not hacked at all.
We have been working hard on this issue. Here are something we found and would like to inform you about them:

1. The security issue is not related to our extensions at all. So all the sites which are using our extensions at the moment will still be safe.

2. The issue came from a security hole in the hosting server which we have used. We have been using a VPS server to secure customers data, unfortunately, there was still security hole and the server has no Firewall software, so the hacker could get into the system and stole these information. We are working to move our website to a more secure server with a better hosting provider. However, it will take us one or two days for doing that.

3. The hacker just got a small part of our users information (contain name, email) and publish some of them. Few hours after the information was published (just name and a part of the email - the domain of the email is hidden), it was deleted and could not be viewable from public. So the information would be secure from now as well

4. We can assure that your sites are still safe. However, we advice that you change super admin account (and FTP account) of your site.

5. We will continue analyzing the server logs and will inform more information about this issue ASAP.

We are really sorry about this issue and hope you will stay with us and do more business with us in the future. Our extensions are good and secure, it is just the hosting server insecure and causes us all these trouble.

Sincerely, JoomDonation
The following user(s) said Thank You: pepperstreet, sdakinship, nanosplit, arkofhope, borsteinrick, joaoferraz, cpaschen, Eric Lamy, whw, Mtspinto and 13 other people also said thanks.

Please Log in or Create an account to join the conversation.

More
9 years 6 months ago #53270 by Tom Hall
Replied by Tom Hall on topic Information about our hosting security issue!
Thanks and keep up the good work!

Please Log in or Create an account to join the conversation.

More
9 years 6 months ago #53271 by team@pxp.es
Replied by team@pxp.es on topic Information about our hosting security issue!
Thank you for your response, Dear Tuan

I am quiet, I followed your recommendations and I hope that everything is resolved soon.

WE ALWAYS HAVE TO BE VIGILANT,

I wish you more luck,

I will continue to be attentive to this problem

Thanks for the reply,

Jose

Please Log in or Create an account to join the conversation.

More
9 years 6 months ago #53273 by OTWD
Thanks for the update Tuan I know the feeling of being hacked its sh1t

Success consists of going from failure to failure without loss of enthusiasm.

Please Log in or Create an account to join the conversation.

More
9 years 6 months ago #53276 by Brian O'Hagan
Replied by Brian O'Hagan on topic Information about our hosting security issue!
Tuan
You have been a great extension developer and we all experience problems on occasion, We will still support you and continue using the extensions. Having had our security people report on the threat to our websites they confirm there is no threat and they have changed the logons as a extra security measure.

Best Wishes
Esoft

Please Log in or Create an account to join the conversation.

More
9 years 6 months ago #53277 by Zafer
Tuan you work hard and your support is great. I'm positiv that you handle that in a good way.



no chance for hackers.! :pinch:

Please Log in or Create an account to join the conversation.

More
9 years 6 months ago #53278 by VW
Thanks for the update and reassurance Tuan.

Please Log in or Create an account to join the conversation.

More
9 years 6 months ago #53283 by Stephen
Replied by Stephen on topic Information about our hosting security issue!
Hi Tuan
Thank you for the information regarding this mess.
Although I myself never had this email people are talking about I´ve been following this discussion on different forum.
I my self trust in you and will continue using your software.
However as a precaution I have change all passwords (for myself this was a little bit of an awakening) and I will try to make the security a little better.

Thanks again for the info.

If the problem can be solved why worry? If the problem can not be solved, worrying will do you no good.

Please Log in or Create an account to join the conversation.

More
9 years 6 months ago #53294 by Mikkel

4. We can assure that your sites are still safe. However, we advice that you change super admin account (and FTP account) of your site.


You can assure that we are safe, yet you tell us to change our passwords, how does that give any sense?

Please Log in or Create an account to join the conversation.

More
9 years 6 months ago #53296 by pepperstreet
Replied by pepperstreet on topic Information about our hosting security issue!
Thanks for the infos and clarification.
Actually, we might even thank the "hacker" for revealing the security hole on that server... and for NOT spreading the complete addresses. It seems to be a very "polite hack" and promotion for india based developers, IMHO. ;)
At the end, JoomDonation gets a more secure server environment. Neat side-effect, isn't it?!

Please Log in or Create an account to join the conversation.

Moderators: Tuan Pham NgocGiang Dinh TruongMr. Dam