Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Multi-stage attack compromises customers of French webhost OVH

Steve Ragan | July 16, 2013
OVH, one of the largest webhosting companies in the world, says hackers have compromised the company's European customer database and gained access to an installation server in Canada.

Security at OVH has been upgraded immediately, including new passwords for all staff, new VPN access, email access restrictions (employees can only access email from within the office or via VPN), and three levels of verification for staffers that have higher access, including the use of IP source data, passwords, and YubiKeys.

Earlier this year, OVH was forced to deal with a separate security incident, as at least two customers had their websites compromised after attackers targeted a vulnerability in OVH's password recovery system. At the time, the randomly generated passwords were guessable due to a randomization flaw in the recovery script. The attack led to strengthened password policies and a new password reset script.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.