New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
They are scum then, using data leaks to get customers. If they wanted to they could have done a social announcement using Staminus to get promotional opportunities.
Also extremely illegal last I checked...
Lol this shit just gets better and better!
Thats some really weird wording.
So they protect DDOS services
I wasn't expecting this amount of drama from Staminus. If I were a customer, I wouldn't trust them any longer.
About Server Mania... well, not surprising coming from ColoCrossing.
Staminus just launched a information release:
https://www.staminus.net/
KKK isn't a terrorist organization, it's just a bunch of angry illiterate red necks, the opposing force of BLM.
This seems super shady to me.
and down it is again.
To any Googlers:
March 11th, 2016
Statement
To follow up on our communication from yesterday evening regarding the system outage, we can now confirm the issue was a result of an unauthorized intrusion into our network. As a result of this intrusion, our systems were temporarily taken offline and customer information was exposed. Upon discovering this attack, Staminus took immediate action including launching an investigation into the attack, notifying law enforcement and restoring our systems.
Based on the initial investigation, we believe that usernames, hashed passwords, customer record information, including name and contact information, and payment card data were exposed. It is important to note that we do not collect Social Security numbers or tax IDs.
While the investigation continues, we have and will continue to put additional measures into place to harden our security to help prevent a future attack. While the exposed passwords were protected with a cryptographic hash, we also strongly recommend that customers change their Staminus password.
I fully recognize that our customers put their trust in Staminus and, while we believe that the issue has been contained, we are continuing to take the appropriate steps needed to safeguard our clients’ information and enhance our data security policies.
We will provide updates, as appropriate, as the investigation continues.
Regards,
Matt Mahvi
CEO, Staminus
FAQ
Have you been able to restore service to customers?
Yes, global services, as well as most auxiliary services, are back online for our customers. Our engineering team is closely monitoring our network to help ensure service delivery.
Was the recent service outage due to an unauthorized intrusion into Staminus’ systems?
Based on the investigation into the outage, we can now conclude that it was the result of an unauthorized intrusion into our systems. Once we learned of the origin of the outage, we notified law enforcement, started work to harden our systems and launched a continued investigation into the attack.
The website will be updated, as appropriate, with additional information as the investigation continues.
Was customer information also exposed as a result of this attack?
Based on the initial investigation, we believe that customer usernames, hashed passwords, customer record information, including name and contact information, and payment card data were exposed. It is important to note that we do not collect Social Security numbers or tax IDs.
Are there steps customers need to take to protect their Staminus passwords?
Yes. While the exposed passwords were protected with a cryptographic hash, we also strongly recommend that customers change their Staminus password, as is best practice anytime your password may have been exposed.
What are some of the steps that customers can take who are concerned about their credit card possibly being exposed?
Immediately upon learning of a potential intrusion, we notified our payment processor and all card brands so that they could proactively monitor fraudulent activity. Customers should regularly check their credit and debit card statements to see whether there is any fraudulent or suspicious activity. If there is any unauthorized activity, you should call your bank or financial institution in order to report the issue.
Are there other steps customers should be taking to protect themselves?
You should also always be on the lookout for phishing schemes. Any email correspondence we may send regarding this matter will not contain a link, so if you receive an email appearing to be from us that contains a link, it is not from us, and you should not click on the link. Also, never provide sensitive information to unsolicited requests claiming to come from us, your bank or other organizations. We would never ask you for sensitive information via email.
Additionally, we highly recommend customers who utilize similar credentials across different platforms reset any passwords on accounts that may use the same or a similar password to their Staminus login.
Card issuers publish their own policies regarding fraudulent charges. Generally, issuers do not hold customers responsible for fraudulent charges if they are reported in a timely manner. Please contact your card brand or issuing bank for more information about the policy that applies to you. 8. Have you notified federal law enforcement about your investigation and are you working with them?
Yes, once we determined that that information was exposed, we notified the necessary authorities, including the FBI. We are ready to work with them as appropriate as the investigation continues.
Plus :
TIPS WHEN RUNNING A SECURITY COMPANY:
I wonder if they'll give out any SLA credit... lol
oh, this is just getting funnier everyday
What in the actual fuck are you smoking?
propaganda destroing brain...
anyway, really bad things happened to staminus.
To me this looks like a smokescreen to not mention that credit card details were stored in plain text.
And looks like a CVV was stored which is a huge no-no, if the dump is legit.
It's definitely legit, old information from a ticket I had years ago is in one of them.
I'm not defending them. It looks like a big mess. However we know it only from one side of he story. It's possible that the dump may be partially true, for example, I'm not saying it is though.
If it isn't legit why is all of my info from my years old Staminus account in there...
Why would the KKK go with such a bad provider. And I thought they were better than RamNode...
Uncle was considering staminus...
Better stay with seflow
I'm sorry it was misunderstanding.
this is for sure
I do not agree what hackers did to staminus. i understand the reasons, but why involve innocent customers?
If you not agree that a company host some kind of terrorist (please, i not know kkk so i call them "terrorist" only because i read it in the advise), you should it the company, not their customer data...
You don't know about the KKK? I mean - really? Who does not know about those racists? Well, at least you could drop the link to your twitter news. And here is something for your general education. You're welcome!
https://it.wikipedia.org/wiki/Ku_Klux_Klan
I think the KKK is a thing only in US. In Europe people know that such thing has existed back in the days, but don't know that they still exist now. People in Europe know about Nazis, not about KKK.
i wrote my twitter link because someone was sarcastic with my company name. Want education, be polite. I think the name of my company has nothing to do with this thread and I thought it was not polite to laugh about it
Oh KKK is ku klux klan, my apologies i know the full name but not all the acronyms. In Europe, as i know KKK is not active and in italy It is not known. Unfortunately we're not saint and we have Nazis, fascist etc.
I know man, I got very sad these past two days when the racist attacks against the Trump supporters were going on in Chicago... people need to focus more on life quality, economy, and so on.