New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Possible Data Breach of OVHcloud
NotFoundException
Member
If true, bad news for many of us. Pray with me 
Comments
"Fuck."
OVH has no firewall.
OVH Fresh? Did they mean French?
If that was a serious question. I think it means, that the accounts are still actively used.
yes, since they didn't specify the region, and OVH has separate systems for EU, CA, and US (at least) it would make sense if only data from certain systems were stolen. I'm guessing the OVHCloud US branch is not affected since it's completely separated from my understanding.
Very bad for OVH if so regardless. My CA account is inactive now but I still use US.
FUUUUUUUUUUUUUCK
This is NOT a confirmed breach .
The message reads like only web hosting customers were compromised (is that even something OVH offers)?
I don't actually care. I have rotated all three accounts. Even if not confirmed I am doing it for the sake of security.
2FA dude ... No sweat
Even then. Still gonna rotate it.
666
590TB is nuts.
Could also very well be fake. OP seemingly is the admin of a new BF clone and they're only selling "one file for now". Sounds to me like they only got access to a few nodes.
Almost certainly fake for one simple reason: Exfiltrating 590 TB of data is not easy. Now, if it was someone who claimed that they had backend access and could exfiltrate an arbitrary site, I'd be more willing to believe it. Maybe some truth to it, but meh.
That said, I would be stunned if the OVH customer database, which is much smaller, wasn't being sold/traded underground in far less open media (IRC servers via word-of-mouth, etc.).
While normally I'd agree with this take, it's fucking @OVHcloud we're talking about here who have proven over and over again they're a bunch of incompetent idiots
10Gbps baguette exists for a reason
Here's what they declare to pwn.
Supposedly OVHCloud US is in the leak as well:
590TB, that's a lot of porn.
I doubt that they could transfer that much without OVH noticing.
Its only 2Gbps 24/7 for a month, could go pretty unnoticed.
Yea but it isn't a random server, full of porn.
Like from @allthemtings or @emgh
Its a relevant, internal, OVH server right.
They gonna notice that, even if you aim for long extraction, to reduce bandwidth.
If it’s that much data OVH would have noticed abnormal activity on there database/network
@emgh important news don't miss
Damn. Need to change the password of my ovh account then.
This and yes, it’s still super unlikely and Octave even denied it already. But even if it’s fake, a lot of people including me, would not be super surprised, if this would happen.
It’s a reminder to be careful who you give your data and how you do it. Encrypt it or don’t encrypt it, how do you need to encrypt it to be immune to these attacks.
Hello guys, is this the thread for April 1st OVH deals?
A good way to promote some ridiculous forum where admin cant even fix {socialsites} placeholder
In websites we can see "..." - more, more more... but in customers/servers nope, so attacker breach only 4 nodes?
I believe OVH, when this was first posted here I ran the sample through snusbase and hibp and couldn't find anything so I just wrote it off as bullshit.
And my thinking was if this was someone's actual personal email in the sample, it would appear in at least one breach...?
The poster has negative reputation on the site.
https://breachforums.ac/showthread.php?tid=45598
Its 100% bullshit. With that much data, they would have better sample to show for it.