New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
A concern here is that I recall there being no shortage of drama there about other providers (eg, a particular month). And while it does seem that the allegations about those providers were legitimate and useful, it is not really a good look to then prevent almost all mentions of the situation here. Even just a "we're aware of the data breach claims, Cloudie will respond, please don't discuss it further" would be better than the current situation, especially when the most recent mention still there is someone saying that there is nothing reliable as far as public information about the matter, when at the same time it appears here that several people in the thread may have access to the data, and multiple people are reporting receiving emails that have data from it.
I'm not sure I'd describe this as grey-hat, whatever the perpetrators may claim.
That's a useful explanation. But I'd note that it's not an explanation in your rules, which only talk about ongoing DDoS attacks. It would be helpful to revise that.
We have been actively trying to limit drama, even inviting back into the discord some providers that were previously banned. Our goals are to provide a welcoming and happy space for geeks to geek about networking.
This is a fair point, but we cannot speak for Cloudie and the discord is not an official means of communications for Cloudie. We have always enforced this as policy, even before this current situation we would immediately close any tickets with people requesting support for Cloudie network.
Just to reiterate, if any provider was breached in this manner, we would go about the same route to protect the Discord server.
Instantly deleting a question about whether there has been any further update/details about the Dec 17 incident is not necessarily what I'd normally see as a welcoming and happy space, especially when your rules only mention not discussing in-progress DDoS attacks (those rules could probably use an update). At the time, I was not aware of this thread, and so all I knew was that I'd just received an email that had private data (if probably not very useful private data outside of that specific server) from a security incident where the only information I had was something saying there was no reason to believe there had been a data breach. I appreciate that my clarifications about this were not deleted, and I certainly didn't want to go around making accusations about emails, but I suppose I didn't end up getting much more context until reading this thread.
I can see the problems with these sorts of discussions getting out of hand, especially when it seems one goal of the perpetrators here is to do reputational damage by causing these sorts of conversations and speculation in the first place. I'm just not sure whether going this route actually helps quell those, or makes for wilder conversations elsewhere. Honestly, this thread has perhaps made me less concerned about the situation.
I personally never pay direct, always with PayPal™ and use a burner number so my risk level in minimal.
Smarthost will not be leaked.
Ok, four minutes later I get put to the test; perhaps part of the ddos that was going around ....
Updated email from Cloudie
Anything from SmartHost? They were affected too right?
If your data got leaked, then anyone can play with your data and you should treat it as such. I think it is positive that someone sent out an email earlier (even though I didn't get it for some reason) with some information on what exactly got leaked, because prior to that email, the only communication was from a shady email saying that they had broken into Cloudie and obtained "complete" data with no sign of what exactly was taken (besides the email on Dec 16th implying that information probably wasn't taken).
Clients data being leaked isn’t drama
It’s serious
And clients deserve to know
And them not being on top of it, sending out an email to each client as soon as they got the news, that’s wrong and dumb
Because, yes, the response can be wrong and dumb even if hacking is illegal. Both can be bad at the same time
If a terrorist roams free in the middle of my city for hours, I can question how police/millitary didn’t interupt the terrorist even though the terrorist was obviously not in the right
It’s just common sense
Finally, the ticket responses by Cloudie seem very immature. Obviously he tries to downplay the importance of the data for it to not get leaked, but still, immature
The proper way to handle a similar situation, would be to stall the hacker, try to get as much info from them as possible. Anything that might help police finding them, obviously don’t count on it, but still, try to get their crypto address, their online nicknames at various forums, their IPs, everything. Some of it might come handy. Don’t pay any money however, that way, you’re openly advertising to other hackers that you reward them for hacking you
Finally, contact:
I would like to complain Cloudie banned me from their Discord before I even managed to join. I'm not sure why do they dislike me, I guess I care more about their customers than Cloudie himself.
Technically, it’s probably not legal. The personal info is most probably obtained illegally for once, secondly, sending the emails unsolicited is most definitely not okay either.
But in a way, I agree with you, for anyone who had sensitive information leaked, being aware of it as soon as possible can be very important, so the email obviously helped at least someone.
One could of course argue that the leak is spreading, and as more people get notified of it, the more it’ll spread. Many of those notified will proceed to lookup the dump, and it contains personal information that they, quite honestly, have no business looking at.
”Despite our actions” lmao
Reinstalling whmcs will surely erase database dump from attackers machine. What a fucking shitshow lmao
Only ”action” that could help would be utlizing a time machine
Or letting customers know they are fucked instantly, rotating passwords, etc.
They have done none of that, just a misleading post where they stated no personal info has been leaked.
They quite literally fucked it up for themselves, they didn't handle it well at all, especially with complete censorship on their Discord. I used to think Cloudie is a trusted name, I guess I was wrong.
Tagging @SmartHost
You're acting like a clown. I believe you also forgot to mention that you're a current administrator for the same fucking Discord you're discussing.
cough. Cloudie used the exact same default password for several accounts on
pve1-yyz.node.cloudie.network
, and some of them are still functional.Are you sure? The Discord is owned by Cloudie, and it's also coincidentally included in almost every single Cloudie email template.
Shall I also remind you that the Proxmox default password still hasn't been reset?
Additionally, here are the chat exports for the last three days, including deleted messages, in case someone finds something spicy: https://ws.spy.pet/exports/0e5815afb68386a9978a7f7956c9e38b.csv
(please note that the 'delete' field is not accurate).
I mean sure, I wrote that too. That would help remedy the already occured hack
But the way they worded it sounds like they worked hard to make sure they don’t get hacked in the first place, when they’re already hacked. They seem clueless.
”Despite our actions”, and priorly mentioning reinstalling WHMCS.
Obviously you should do that, but it won’t affect the already occured hack. They try to make it sound like they were busy undoing the hack.
@sillycat maybe clear the password from your post as you’re kind of inviting malicious intent. We get the point without it
You could also argue that the very existence of this LET post is bringing way more awareness to the leak, leading people to download it The hacker already sent out an email to all Cloudie customers to join a Telegram group with a direct link to it saying that they would release the complete database. Some Cloudie customers had to download the database to see what information they had in it about them.
I don't think it's necessarily legal either, but I don't think it's a bad thing. People could have used the data for far worse, like phishing emails or advertising (cough cough QuadraNet cough cough).
I like being "good" for once and still being met with same treatment as I was malicious.
Yes. I don’t consider it net bad. I do still however think it’s probably illegal.
What I wouldn’t do however is spread the file.
So you sent the email? Or do you just mean the LET thread? I was just about to ask you, since it sounded very much like you wrote it, at least that’s the feeling I got reading it.
And I don’t think I’ve treated you as malicious, I’m just being honest, I said it was probably net positive.
It wasn't me who sent the email.
If it was you, would you tell us?
I probably would, no reason not to, its not like I have any reputation here lmao.
I couldn't care less what people think of me, I'm just doing my thing whether they like it or not.
Aight
You do have reputation though
The reputation of spending so much time and effort on getting back in that not a single mod or admin even has the energy to ban you again
That’s quite an achievement tbh
At least I helped influence positive changes on this shitty ass forum.
I'm not done yet though.
What changes though?
I’m all ears, but you being tolerated isn’t really a policy change I’d say, I honestly think they’re just not getting paid enough (nothing) to put the effort in to keep you out lol