Ramnode Client Area Security Advisory
Just got this in my inbox... Good response and reaction by Ramnode.
This message is to all RamNode clients. At some point within the past week, an unknown entity exploited a vulnerability in our billing system. The only damage they seem to have done was to tamper with one of our unused payment gateway modules. No billing information has been compromised.
As a result of this event, we have increased our security measures as well as hired a professional security auditor to identify and eliminate all potential threats. As an extra precaution, we will be working with the auditor to securely reinstall our billing system over the next 24 hours. You might not be able to connect to our website at certain points during this time period.
In order to ensure the security of your account, you should change any passwords which you have received from us through email if you are still using them. Client Area passwords created after July 12 are secure and uncompromised from this event. However, those who signed up on or before July 12 and those who have used the Reset Password link in the Client Area should change their Client Area passwords if they still match the ones we emailed to you. Any SolusVM and/or OpenVZ root passwords should be changed if they match the ones we emailed to you upon ordering. Please note that SolusVM itself was not compromised as part of this event.
We will be available to answer questions regarding this matter through our ticket system, although our responses might be delayed for the next 24 hours. If you need unrelated emergency support and our tickets are unavailable, please email me directly. As always, we greatly appreciate your business and continued support of RamNode as we seek to provide the best VPS hosting on the Internet.