New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
ChicagoVPS database leaked? ChicagoVPS customers - change your root passwords immediately!
This discussion has been closed.
Comments
Can I get the dump? I am a client of them.
Thank god for that! can you describe the database tables. So we can see what info they have stored and what has been released.
@liam, not sure if they are still banned but it would be nice to have a cvps rep on this.
Kevin still has an active account here, its just Chris that was banned.
Luc too
Why was Chris banned?
I as well.
Then @CVPS_Kevin can you please give us a heads up on what the hell is going on. Considering @CVPS_Chris stated:
Hello Everyone,
I just wanted to give a quick update, since a lot of you are looking for one and had a few questions.
First off, I want to start out by saying thank you to all of you that have been clam during this event and understand that sometimes things do happen.
In no way, has WHMCS been effected from this, so no customer personal information such as credit cards, emails, etc. has been stolen. ChicagoVPS will also
be implementing a regular backup service for all OpenVZ products. We will start out in Chicago and work to Buffalo, then to LA.
We want to assure you that we are doing everything we can to make sure nothing like this can happen again, and that you can still rely on us for your hosting needs.
If you have any additional questions, please feel free to open up a support ticket.
Thank you all again for your business.
Regards,
Chris Fabozzi
Director of Operations
ChicagoVPS - See more at:
I want the dump to see what they store about me?
Well there's pretty much everything.. their nodes, backup servers, client info, internal ips, ipv6 addresses, ipv4 addresses, plans, bandwidth usage datas, isos, templates, vzdata, xendata, etc.. like it's their entire database. 26.9MB SQL file. I haven't checked it completely and not sure if I will.
At least we can verify whether CVPS are as big as Chris likes to claim they are :P
I understand the "neat" factor of "building a tool to see if your name is in the database", but the date of the dump has been established based on the information contained within. Are we not giving enough credit to people that they should know if they were, or were not, a customer of CVPS at that point?
I feel that most of the "I want the database!" probably stems from this. So....
No.
======
Where's @Spirit?
59 Nodes apparently :-)
Are you sure they delete old user information from database ?
Client info? F**k, my debit card is in it.
They probably don't (does anyone?), and that's my point: consider that your personal data is already in the database, and so it's now being passed around without consideration.
@Radi I don't thnk your Crredit or Debit card are in there.
I understand this is a SolusVM dump, not WHMCS (unless I've misinterpreted), and there's no reason for SolusVM to have any billing related information in it, such as your CC info.
Why would your debit card info be in the solus database?
As a customer of CVPS prior and after the attack I want to see the info of the database so I can confirm what information is there and take actions accordingly. As of the moment I don't give a shit if it is passed around, the damage is done and it is probably on 10 to 20 mirrors by now.
So thus, I would love to see the mysql database contents for email: (Retracted the email to prevent SPAMMING) if someone could do that for me. (PM it please)
Yet another reason to not pass it out.
Database is already leaked.I was a customer when they claimed there was a solusvm exploit and cancelled account after.So i can not be sure if my personal data is leaked or not.
SolusVM passwords are now changed by them.
there are NO reasons other then to harm CVPS more then already is done by sending their user db to other people.
Have you been a customer with CVPS, then probably it is.
I suggest that you log in and change your password.
CVPS customers prepare to be spammed by spammers!
Mikho, passwords are changed already.
I think I may be cancelling my server.
@Radi why they fixed the problem. So you email leaked, big deal emails can be changed and updated.
being sarcastic!
I can't change it as I registered everywhere with it.
hopefully this happens to no other hosts.
You're safe as long as you aren't so sloppy and lacking in security as @CVPS_Chris
If this is true,it could explain why my vps with chicagovps was rebuild by some other guy from the control panel.