For Linode, the DDoS attacks just took a turn for the worse

Jan 5, 2016 23:55 GMT

VPS cloud hosting provider Linode has just announced a possible data breach on its servers, which have been under a two-week-long DDoS attack from unknown assailants.

The company reported unauthorized logins on three customer accounts, and immediately triggered safety procedures by expiring all customer passwords.

This means that all Linode customers who log into their accounts from now on will automatically be prompted to change their passwords.

Linode has been under DDoS attacks since Christmas Eve

Several studies from various cyber-security vendors have shown a trend of attackers using slow and low-bandwidth DDoS attacks to mask other, more serious intrusions.

Since December 24, Linode has been under a constant DDoS attack that has kept the company's staff busy ever since.

Linode's staff speculated that the unauthorized logins may be connected to a data breach that they haven't had time to investigate due to the constant downtime of its VPS hosting service caused by the DDoS attacks.

The decision to start a site-wide password reset was taken as a precautionary measure, just in case its database was compromised and subsequently stolen during the DDoS attacks.

Linode: Better safe than sorry!

Linode's staff said that resetting the passwords would nullify all credentials taken during the DDoS attacks.

In case the attackers have gotten their hands on the Linode database, the staff said that the user table is properly secured, even though it holds information like site usernames, email addresses, hashed passwords and encrypted two-factor seeds (used for two-factor authentication).

Attackers can crack hashed passwords, but if the user has chosen a strong passphrase, this could take a very long time. The three unauthorized logins may have involved users who chose weak passwords for their accounts (like 123456, Letmein or password) or who entered their username in the password field.