Staminus Offline - Page 2
Staminus Offline

245

Comments

  • @MeltedLux said:
    Looks like servermania is taking this opportunity to advertise to Staminus clients included in the database dump.

    > To whom this may concern,
    > 
    > My name is Andrew Horton, Account Manager at ServerMania.com. I’m contacting you today as I’ve heard that you were affected by the Staminus outage and hack that occurred earlier today. We’re a premier Dedicated Server company with services based in New York. We leverage RioRey DDOS Protection appliances on the core of our network with over 200 Gbps of mitigation available covering all 7 layers.
    > 
    > I would like to sit down with you and learn a bit more about your business and how we can service you.
    > 
    > Our company can service your needs in the following ways:
    > *Intel-Xeon based dedicated servers
    > *Private VLAN, Switches and Racks
    > *Standard dedicated 1 Gbps Network for each server
    > *North American based with true 24/7 Support via E-Mail, Ticket or Telephone
    > *Industry-Leading SLA
    > *Dedicated Account Manager
    > *Thousands of satisfied clients
    > *Protecting some of the largest DDoS services on the market today!
    > 
    > Let's move quick to avoid unnecessary downtime for your business!
    > 
    > I look forward to speaking with you.
    > 
    > -- 
    > Andrew Horton, Account Manager, Server Mania
    > +1.888.237.6637 | +1.716.745.4678 Ext. 608
    > Skype ID: andrew.servermania
    > [email protected] | www.servermania.com
    > 

    They are scum then, using data leaks to get customers. If they wanted to they could have done a social announcement using Staminus to get promotional opportunities.

  • @MeltedLux said: Looks like servermania is taking this opportunity to advertise to Staminus clients included in the database dump.

    @Licensecart said: They are scum then, using data leaks to get customers.

    Also extremely illegal last I checked...

  • jonbeard Member, Patron Provider

    Lol this shit just gets better and better!

    Thanked by 1netomx
  • MeltedLux said: *Protecting some of the largest DDoS services on the market today!

    That's some really weird wording.

    So they protect DDOS services :)

  • Nyr Community Contributor, Veteran
    edited March 2016

    I wasn't expecting this amount of drama from Staminus. If I were a customer, I wouldn't trust them any longer.

    About Server Mania... well, not surprising coming from ColoCrossing.

  • jonbeard Member, Patron Provider

    Staminus just launched an information release:

    https://www.staminus.net/

    Thanked by 2GCat netomx
  • @jonbeard said:
    The KKK alone are tagged as a terrorist organization. Both Staminus, and Intreppid are completely shot to the ground and thousands of clients are furious. All data from the leak contains personal information, passwords, server logins and so much more.

    KKK isn't a terrorist organization, it's just a bunch of angry illiterate red necks, the opposing force of BLM.

  • AaronW Member, Patron Provider

    MeltedLux said: Looks like servermania is taking this opportunity to advertise to Staminus clients included in the database dump.

    This seems super shady to me.

    Thanked by 1Francisco
  • estnoc Member, Patron Provider

    and down it is again.

    @jonbeard said:
    Staminus just launched an information release:

    https://www.staminus.net/

    Thanked by 1GCat
  • To any Googlers:

    March 11th, 2016
    Statement
    To follow up on our communication from yesterday evening regarding the system outage, we can now confirm the issue was a result of an unauthorized intrusion into our network. As a result of this intrusion, our systems were temporarily taken offline and customer information was exposed. Upon discovering this attack, Staminus took immediate action including launching an investigation into the attack, notifying law enforcement and restoring our systems.

    Based on the initial investigation, we believe that usernames, hashed passwords, customer record information, including name and contact information, and payment card data were exposed. It is important to note that we do not collect Social Security numbers or tax IDs.

    While the investigation continues, we have and will continue to put additional measures into place to harden our security to help prevent a future attack. While the exposed passwords were protected with a cryptographic hash, we also strongly recommend that customers change their Staminus password.

    I fully recognize that our customers put their trust in Staminus and, while we believe that the issue has been contained, we are continuing to take the appropriate steps needed to safeguard our clients’ information and enhance our data security policies.

    We will provide updates, as appropriate, as the investigation continues.

    Regards,
    Matt Mahvi
    CEO, Staminus


    FAQ

    1. Have you been able to restore service to customers?
      Yes, global services, as well as most auxiliary services, are back online for our customers. Our engineering team is closely monitoring our network to help ensure service delivery.

    2. Was the recent service outage due to an unauthorized intrusion into Staminus’ systems?
      Based on the investigation into the outage, we can now conclude that it was the result of an unauthorized intrusion into our systems. Once we learned of the origin of the outage, we notified law enforcement, started work to harden our systems and launched a continued investigation into the attack.

    The website will be updated, as appropriate, with additional information as the investigation continues.

    3. Was customer information also exposed as a result of this attack?
      Based on the initial investigation, we believe that customer usernames, hashed passwords, customer record information, including name and contact information, and payment card data were exposed. It is important to note that we do not collect Social Security numbers or tax IDs.

    4. Are there steps customers need to take to protect their Staminus passwords?
      Yes. While the exposed passwords were protected with a cryptographic hash, we also strongly recommend that customers change their Staminus password, as is best practice anytime your password may have been exposed.

    5. What are some of the steps that customers can take who are concerned about their credit card possibly being exposed?
      Immediately upon learning of a potential intrusion, we notified our payment processor and all card brands so that they could proactively monitor fraudulent activity. Customers should regularly check their credit and debit card statements to see whether there is any fraudulent or suspicious activity. If there is any unauthorized activity, you should call your bank or financial institution in order to report the issue.

    6. Are there other steps customers should be taking to protect themselves?
      You should also always be on the lookout for phishing schemes. Any email correspondence we may send regarding this matter will not contain a link, so if you receive an email appearing to be from us that contains a link, it is not from us, and you should not click on the link. Also, never provide sensitive information to unsolicited requests claiming to come from us, your bank or other organizations. We would never ask you for sensitive information via email.

    Additionally, we highly recommend customers who utilize similar credentials across different platforms reset any passwords on accounts that may use the same or a similar password to their Staminus login.

    7. Will consumers be liable for fraudulent charges?
      Card issuers publish their own policies regarding fraudulent charges. Generally, issuers do not hold customers responsible for fraudulent charges if they are reported in a timely manner. Please contact your card brand or issuing bank for more information about the policy that applies to you.

    8. Have you notified federal law enforcement about your investigation and are you working with them?
      Yes, once we determined that that information was exposed, we notified the necessary authorities, including the FBI. We are ready to work with them as appropriate as the investigation continues.

    Thanked by 1GCat
  • Mridul Member
    edited March 2016

    Plus :

    TIPS WHEN RUNNING A SECURITY COMPANY:

            ~ Use one root password for all the boxes
    
            ~ Expose PDU's to WAN with telnet auth
    
            ~ Never patch, upgrade or audit the stack
    
            ~ Disregard PDO as inconvenient
    
            ~ Hedge entire business on security theatre
    
            ~ Store full credit card info in plaintext
    
            ~ Write all code with wreckless abandon
    
  • I wonder if they'll give out any SLA credit... lol

  • GCat Member

    oh, this is just getting funnier everyday

  • lbft Member

    ManofServer said: KKK isn't a terrorist organization, it's just a bunch of angry illiterate red necks, the opposing force of BLM.

    What in the actual fuck are you smoking?

  • @lbft said:
    What in the actual fuck are you smoking?

    propaganda destroying brain...
    anyway, really bad things happened to Staminus.

  • Licensecart said: and payment card data were exposed. It is important to note that we do not collect Social Security numbers or tax IDs.

    To me this looks like a smokescreen to not mention that credit card details were stored in plain text.

    Thanked by 2netomx vimalware
  • Clouvider Member, Patron Provider

    @mpkossen said:
    To me this looks like a smokescreen to not mention that credit card details were stored in plain text.

    And looks like a CVV was stored which is a huge no-no, if the dump is legit.

  • MikeA Member, Patron Provider

    @Clouvider said:
    And looks like a CVV was stored which is a huge no-no, if the dump is legit.

    It's definitely legit, old information from a ticket I had years ago is in one of them.

  • Clouvider Member, Patron Provider

    @EVM_Mike said:
    It's definitely legit, old information from a ticket I had years ago is in one of them.

    I'm not defending them. It looks like a big mess. However we know it only from one side of the story. It's possible that the dump may be partially true, for example, I'm not saying it is though.

  • MikeA Member, Patron Provider

    @Clouvider said:
    I'm not defending them. It looks like a big mess. However we know it only from one side of the story. It's possible that the dump may be partially true, for example, I'm not saying it is though.

    If it isn't legit why is all of my info from my years old Staminus account in there...

    Thanked by 2netomx Dylan
  • Why would the KKK go with such a bad provider. And I thought they were better than RamNode...

    Thanked by 1ManofServer
  • Maounique Host Rep, Veteran
    edited March 2016

    Uncle was considering staminus...

    Thanked by 1netomx
  • @Maounique said:
    Uncle was considering staminus...

    Better stay with seflow

  • jar Patron Provider, Top Host, Veteran

    @tr1cky said:
    Better stay with seflow

    image

  • ManofServer Member
    edited March 2016

    @lbft said:
    What in the actual fuck are you smoking?

    I'm sorry, it was a misunderstanding.

  • matteob Barred
    edited March 2016

    @tr1cky said:
    Better stay with seflow

    this is for sure

    ;-)

    I do not agree with what hackers did to Staminus. I understand the reasons, but why involve innocent customers?

    If you do not agree that a company hosts some kind of terrorist (please, I do not know KKK so I call them "terrorist" only because I read it in the advise), you should hit the company, not their customer data...

    Thanked by 1ManofServer
  • Amitz Member
    edited March 2016

    You don't know about the KKK? I mean - really? Who does not know about those racists? Well, at least you could drop the link to your twitter news. And here is something for your general education. You're welcome!
    https://it.wikipedia.org/wiki/Ku_Klux_Klan

    Thanked by 1netomx
  • Amitz said: You don't know about the KKK?

    I think the KKK is a thing only in the US. In Europe people know that such a thing existed back in the day, but don't know that they still exist now. People in Europe know about Nazis, not about KKK.

  • @Amitz said:

    I wrote my twitter link because someone was sarcastic with my company name. Want education, be polite. I think the name of my company has nothing to do with this thread and I thought it was not polite to laugh about it

    Oh KKK is Ku Klux Klan, my apologies, I know the full name but not all the acronyms. In Europe, as far as I know, KKK is not active and in Italy it is not known. Unfortunately we're not saints and we have Nazis, fascists etc.

  • I know man, I got very sad these past two days when the racist attacks against the Trump supporters were going on in Chicago... people need to focus more on life quality, economy, and so on.

    Thanked by 1AaronW