DreamHost, a company that hosts more than a million domains, is notifying customers that hackers may have obtained unauthorized access to some of their passwords, advising them to change their FTP/shell access passwords, but also their email passwords.
“Our security systems detected the potential breach this morning and we immediately took the defensive precaution of expiring and resetting all FTP/shell access passwords for all DreamHost customers and their users,” reads the letter sent to customers.
DreamHost clients have three types of passwords: a web panel password, used for logging into the administration panel, email passwords, and FTP/shell access passwords. The firm states that only FTP/shell passwords appear to have been compromised, but as a precaution email passwords should be reset as well.
Account holders are also warned that phishing emails may target them as a result of a data breach.
“Note that DreamHost will never ask you for personal or account information in an email. Please exercise caution if you receive any other emails that ask for personal information or direct you to a web site where you are asked to provide personal information,” the advisory email informs.
After digging around a bit, we found a Pastebin document posted on January 18, 2012, that appears to have contained information obtained from webftp.dreamhost.com, but the document has been removed since
Read more....