DreamHost warns of password hack
DreamHost, a Los Angeles-based web hosting services provider and domain name registrar, has confirmed that it may have been the victim of an attack on its servers. In a post on its DreamHost Status blog, the company says that it "detected some unauthorized activity" in one of its databases and is now requiring customers to change their FTP/shell passwords as a precautionary measure.
In an email to its customers, DreamHost notes that, of the three different types of passwords used for accessing the web panel and email, and for FTP/Shell access, only the latter appears to have been compromised in the breach. Web panel and email passwords as well as billing information are not affected and were reportedly not accessed.
However, as a further precaution, DreamHost is advising administrators to "change all email passwords as well". "We are not forcing this change, however, so make sure you take care of that ASAP," added the company.
Over the weekend, customers may have experienced a delay when resetting their passwords due to the volume of requests, but the company says that this should now be resolved. Further details of the potential breach by an unknown party or parties have yet to be disclosed.