Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Shells Virtual Desktop
BMail.ag - Secure Email Service
Server.net
CPLicense.net
VPS Server
Buy VPN
Vultr
VMs for AI
HostDare
ReliableSite White-Label Dedicated Hosting for Resellers
InterServer VPS
BMail.ag - Secure Email Service
Best VPN
High-Performance Bare Metal Server Solutions
Karvl.com
Server Mania Cloud Hosting
DataWagon Hosting
AlphaVPS Hosting
Evoxt.com
Clouvider
VPS Hosting with NVMe
Residential IPs in the US & 4G Mobile Proxies in EU & US with Unlimited Bandwidth
ReliableSite White-Label Dedicated Hosting for Resellers
Rabisu - Hosting Solutions
Shells Virtual Desktop

Categories

In this Discussion

Home General
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Dasabo Acquired by Dasabo

15791011

Comments

  • systemfreakssystemfreaks Member, Patron Provider

    @Dasabo From my point of view, the payments are not the main issue here.

    You seem to have handled the payment side well, but since this person also had access to your clients’ personal details, how do you know that data has not been leaked?

    I believe you should inform clients about a potential breach involving their email addresses and other personal details.

    Thanked by 6Dasabo buggedout borkedascii oloke Killix forest
  • totally_not_bannedtotally_not_banned Member

    @Saragoldfarb said:

    @totally_not_banned said:

    @tentor said:

    @totally_not_banned said:

    @Dasabo said:

    @totally_not_banned said:
    @Dasabo could you please comment in regards to the relationship with your support rep?

    No.

    I see. So you neither deny nor confirm it. I guess we are on to something here ;)

    Andrew from legal explicitly forbidden disclosing private information

    Hmm, i think i'm missing a couple of pieces here. I don't know who Eric is and Andrew doesn't ring a bell either. Anyways i don't think a denial would be disclosing any kind of private information ;)

    https://discord.boloxmedia.co.uk/💬-chat_X6wP8RZKHs - LATEST/

    https://boloxmedia.co.uk

    Not to be confused with
    https://veloxmedia.co.uk

    Ahh, i see. Yeah, i sadly kind of missed that shitshow when it was fresh, so i'm not 100% up to date regarding the protagonists.

    Thanked by 1Saragoldfarb
  • SaragoldfarbSaragoldfarb Member, Megathread Squad

    @totally_not_banned said:

    @Saragoldfarb said:

    @totally_not_banned said:

    @tentor said:

    @totally_not_banned said:

    @Dasabo said:

    @totally_not_banned said:
    @Dasabo could you please comment in regards to the relationship with your support rep?

    No.

    I see. So you neither deny nor confirm it. I guess we are on to something here ;)

    Andrew from legal explicitly forbidden disclosing private information

    Hmm, i think i'm missing a couple of pieces here. I don't know who Eric is and Andrew doesn't ring a bell either. Anyways i don't think a denial would be disclosing any kind of private information ;)

    https://discord.boloxmedia.co.uk/💬-chat_X6wP8RZKHs - LATEST/

    https://boloxmedia.co.uk

    Not to be confused with
    https://veloxmedia.co.uk

    Ahh, i see. Yeah, i sadly kind of missed that shitshow when it was fresh, so i'm not 100% up to date regarding the protagonists.

    Yeah, you definitely missed out on a great shitshow. CharityHost.org Porn Hosting was bad but I think Velox beat them.

    Thanked by 3tentor Xrmaddness forest
  • totally_not_bannedtotally_not_banned Member

    @Saragoldfarb said:
    CharityHost.org Porn Hosting

    Haha, WTF? That sounds quite hot. Not gonna lie :D

    Thanked by 1Saragoldfarb
  • SaragoldfarbSaragoldfarb Member, Megathread Squad

    @totally_not_banned said:

    @Saragoldfarb said:
    CharityHost.org Porn Hosting

    Haha, WTF? That sounds quite hot. Not gonna lie :D

    Wut? You missed the charityhost porn drama? Dude!!! Who got links!?

  • XrmaddnessXrmaddness Member

    @raindog308 said:

    Dasabo Acquired by Dasabo, and Then All Hell Broke Loose

    https://lowendbox.com/blog/dasabo-acquired-by-dasabo-and-then-all-hell-broke-loose/

    Thanked by 1Saragoldfarb
  • totally_not_bannedtotally_not_banned Member

    @Saragoldfarb said:

    @totally_not_banned said:

    @Saragoldfarb said:
    CharityHost.org Porn Hosting

    Haha, WTF? That sounds quite hot. Not gonna lie :D

    Wut? You missed the charityhost porn drama? Dude!!! Who got links!?

    Well, i wasn't really around for like 2 years so what can i do? I also had to post mortem @Calin's big haul. Sad times :(

    @Xrmaddness said:

    @raindog308 said:

    Dasabo Acquired by Dasabo, and Then All Hell Broke Loose

    https://lowendbox.com/blog/dasabo-acquired-by-dasabo-and-then-all-hell-broke-loose/

    Someone should tell yarn.co that sticking your image hotlinking service behind a cloudflare captcha is fucking stupid...

    Thanked by 2Saragoldfarb Xrmaddness
  • tentortentor Member, Host Rep

    @Saragoldfarb said:

    @totally_not_banned said:

    @Saragoldfarb said:
    CharityHost.org Porn Hosting

    Haha, WTF? That sounds quite hot. Not gonna lie :D

    Wut? You missed the charityhost porn drama? Dude!!! Who got links!?

    https://host.charity/

    Thanked by 4Saragoldfarb totally_not_banned rpqu forest
  • SaragoldfarbSaragoldfarb Member, Megathread Squad

    @tentor said:

    @Saragoldfarb said:

    @totally_not_banned said:

    @Saragoldfarb said:
    CharityHost.org Porn Hosting

    Haha, WTF? That sounds quite hot. Not gonna lie :D

    Wut? You missed the charityhost porn drama? Dude!!! Who got links!?

    https://host.charity/

    <3

    Thanked by 1tentor
  • DasaboDasabo 🚩 Patron Provider Tag Suspended

    @systemfreaks said:
    @Dasabo From my point of view, the payments are not the main issue here.

    You seem to have handled the payment side well, but since this person also had access to your clients’ personal details, how do you know that data has not been leaked?

    I believe you should inform clients about a potential breach involving their email addresses and other personal details.

    In a certain sense, what you say is correct, but this person was not external to Dasabo but a duly contracted person who also signed an NDA at the time.
    It's as if every company with an employee with access to sensitive data had to send an email to all its customers every 10 minutes informing them that one of their employees might one day disclose sensitive data. You understand, such a thing is unthinkable.
    Criminal liability is always personal. I don't believe he will do something like this, and at present I have found no trace of a mass data export. We are still conducting an extensive audit with an external company. If this has happened, we will promptly notify all our customers. However, at this time, we have no evidence of this. Time is the gentleman and will provide all the answers.

  • XrmaddnessXrmaddness Member

    @totally_not_banned said:

    Someone should tell yarn.co that sticking your image hotlinking service behind a cloudflare captcha is fucking stupid...

    I had no idea that was even a thing

  • totally_not_bannedtotally_not_banned Member

    @tentor said:

    @Saragoldfarb said:

    @totally_not_banned said:

    @Saragoldfarb said:
    CharityHost.org Porn Hosting

    Haha, WTF? That sounds quite hot. Not gonna lie :D

    Wut? You missed the charityhost porn drama? Dude!!! Who got links!?

    https://host.charity/

    Holy fucking shit. What a goldmine!

    @Xrmaddness said:

    @totally_not_banned said:

    Someone should tell yarn.co that sticking your image hotlinking service behind a cloudflare captcha is fucking stupid...

    I had no idea that was even a thing

    It's a new one for me too. I copied the link since the picture wasn't showing and was greeted by cloudflare lol

    Thanked by 2Xrmaddness tentor
  • systemfreakssystemfreaks Member, Patron Provider

    @Dasabo said:

    @systemfreaks said:
    @Dasabo From my point of view, the payments are not the main issue here.

    You seem to have handled the payment side well, but since this person also had access to your clients’ personal details, how do you know that data has not been leaked?

    I believe you should inform clients about a potential breach involving their email addresses and other personal details.

    In a certain sense, what you say is correct, but this person was not external to Dasabo but a duly contracted person who also signed an NDA at the time.
    It's as if every company with an employee with access to sensitive data had to send an email to all its customers every 10 minutes informing them that one of their employees might one day disclose sensitive data. You understand, such a thing is unthinkable.
    Criminal liability is always personal. I don't believe he will do something like this, and at present I have found no trace of a mass data export. We are still conducting an extensive audit with an external company. If this has happened, we will promptly notify all our customers. However, at this time, we have no evidence of this. Time is the gentleman and will provide all the answers.

    I believe you should review your internal system and permissions structure.

    Many companies, including ours, do not display sensitive customer data to support agents unless there is a real need. Communication can be handled through the system, so support staff do not need direct access to clients’ email addresses, physical addresses, or other personal details.

    Also, support agents should not be able to create billing entries. That should be handled only by accounting or higher-level authorized staff.

    After informing users about the potential exposure, it may be a good time to review your internal access controls and improve these areas to avoid similar issues in the future.

    Thanked by 2Dasabo forest
  • DasaboDasabo 🚩 Patron Provider Tag Suspended

    @systemfreaks said:

    @Dasabo said:

    @systemfreaks said:
    @Dasabo From my point of view, the payments are not the main issue here.

    You seem to have handled the payment side well, but since this person also had access to your clients’ personal details, how do you know that data has not been leaked?

    I believe you should inform clients about a potential breach involving their email addresses and other personal details.

    In a certain sense, what you say is correct, but this person was not external to Dasabo but a duly contracted person who also signed an NDA at the time.
    It's as if every company with an employee with access to sensitive data had to send an email to all its customers every 10 minutes informing them that one of their employees might one day disclose sensitive data. You understand, such a thing is unthinkable.
    Criminal liability is always personal. I don't believe he will do something like this, and at present I have found no trace of a mass data export. We are still conducting an extensive audit with an external company. If this has happened, we will promptly notify all our customers. However, at this time, we have no evidence of this. Time is the gentleman and will provide all the answers.

    I believe you should review your internal system and permissions structure.

    Many companies, including ours, do not display sensitive customer data to support agents unless there is a real need. Communication can be handled through the system, so support staff do not need direct access to clients’ email addresses, physical addresses, or other personal details.

    Also, support agents should not be able to create billing entries. That should be handled only by accounting or higher-level authorized staff.

    After informing users about the potential exposure, it may be a good time to review your internal access controls and improve these areas to avoid similar issues in the future.

    Thank you so much for the constructive advice.
    We're currently doing just that, reviewing all permit levels. It's my own fault for placing so much trust in someone I never thought would betray me like this, simply because of a personal misunderstanding. Ultimately, this is training, too, and I take it as a lesson I've paid dearly for.

  • systemfreakssystemfreaks Member, Patron Provider
    edited May 12

    @Dasabo said:

    @systemfreaks said:

    @Dasabo said:

    @systemfreaks said:
    @Dasabo From my point of view, the payments are not the main issue here.

    You seem to have handled the payment side well, but since this person also had access to your clients’ personal details, how do you know that data has not been leaked?

    I believe you should inform clients about a potential breach involving their email addresses and other personal details.

    In a certain sense, what you say is correct, but this person was not external to Dasabo but a duly contracted person who also signed an NDA at the time.
    It's as if every company with an employee with access to sensitive data had to send an email to all its customers every 10 minutes informing them that one of their employees might one day disclose sensitive data. You understand, such a thing is unthinkable.
    Criminal liability is always personal. I don't believe he will do something like this, and at present I have found no trace of a mass data export. We are still conducting an extensive audit with an external company. If this has happened, we will promptly notify all our customers. However, at this time, we have no evidence of this. Time is the gentleman and will provide all the answers.

    I believe you should review your internal system and permissions structure.

    Many companies, including ours, do not display sensitive customer data to support agents unless there is a real need. Communication can be handled through the system, so support staff do not need direct access to clients’ email addresses, physical addresses, or other personal details.

    Also, support agents should not be able to create billing entries. That should be handled only by accounting or higher-level authorized staff.

    After informing users about the potential exposure, it may be a good time to review your internal access controls and improve these areas to avoid similar issues in the future.

    Thank you so much for the constructive advice.
    We're currently doing just that, reviewing all permit levels. It's my own fault for placing so much trust in someone I never thought would betray me like this, simply because of a personal misunderstanding. Ultimately, this is training, too, and I take it as a lesson I've paid dearly for.

    The lesson is only one part of this.

    You still need to inform your clients about all potential risks. Since there was an issue and there is a possibility that client data was exposed, avoiding or delaying communication is not the professional way to handle it.

    Being transparent with clients is the right thing to do, even if the risk is only potential. Hiding or minimizing the issue can damage trust far more than the issue itself.

    Thanked by 2Dasabo forest
  • DasaboDasabo 🚩 Patron Provider Tag Suspended

    @systemfreaks said:

    @Dasabo said:

    @systemfreaks said:

    @Dasabo said:

    @systemfreaks said:
    @Dasabo From my point of view, the payments are not the main issue here.

    You seem to have handled the payment side well, but since this person also had access to your clients’ personal details, how do you know that data has not been leaked?

    I believe you should inform clients about a potential breach involving their email addresses and other personal details.

    In a certain sense, what you say is correct, but this person was not external to Dasabo but a duly contracted person who also signed an NDA at the time.
    It's as if every company with an employee with access to sensitive data had to send an email to all its customers every 10 minutes informing them that one of their employees might one day disclose sensitive data. You understand, such a thing is unthinkable.
    Criminal liability is always personal. I don't believe he will do something like this, and at present I have found no trace of a mass data export. We are still conducting an extensive audit with an external company. If this has happened, we will promptly notify all our customers. However, at this time, we have no evidence of this. Time is the gentleman and will provide all the answers.

    I believe you should review your internal system and permissions structure.

    Many companies, including ours, do not display sensitive customer data to support agents unless there is a real need. Communication can be handled through the system, so support staff do not need direct access to clients’ email addresses, physical addresses, or other personal details.

    Also, support agents should not be able to create billing entries. That should be handled only by accounting or higher-level authorized staff.

    After informing users about the potential exposure, it may be a good time to review your internal access controls and improve these areas to avoid similar issues in the future.

    Thank you so much for the constructive advice.
    We're currently doing just that, reviewing all permit levels. It's my own fault for placing so much trust in someone I never thought would betray me like this, simply because of a personal misunderstanding. Ultimately, this is training, too, and I take it as a lesson I've paid dearly for.

    The lesson is only one part of this.

    You still need to inform your clients about all potential risks. Since there was an issue and there is a possibility that client data was exposed, avoiding or delaying communication is not the professional way to handle it.

    Being transparent with clients is the right thing to do, even if the risk is only potential. Hiding or minimizing the issue can damage trust far more than the issue itself.

    I’ve already launched the campaign; it should be up and running in the next few hours, as it needs to send out thousands of emails.

  • totally_not_bannedtotally_not_banned Member
    edited May 13

    Thanked by 1Saragoldfarb
  • davidedavide Member
    edited May 13

    @raindog308 said:
    Dasabo Acquired by Dasabo, and Then All Hell Broke Loose

    https://lowendbox.com/blog/dasabo-acquired-by-dasabo-and-then-all-hell-broke-loose/

    Protection money, they thought

  • raindog308raindog308 Administrator, Veteran

    @Saragoldfarb said: Who got links!?

    In order, April 2025 - December 2025:

    https://lowendbox.com/blog/recent-drama-the-ethics-of-scanning-hosted-files/

    https://lowendbox.com/blog/the-uncharitable-website-about-charity-host-the-scandal-escalates/

    https://lowendbox.com/blog/dead-horse-beating-itself-charityhost-rebranding-as-exactvm/

    https://lowendbox.com/blog/drama-star-charityhost-sold-to-josh/

    https://lowendbox.com/blog/how-can-there-possibly-be-more-charity-host-drama-new-federal-law-violations/

    Thanked by 3totally_not_banned Saragoldfarb forest
  • raindog308raindog308 Administrator, Veteran

    Dasabo's co-founder/CTO just got an "L1: Bronze" certification in "Vibe Coding" this month.

    Thanked by 9MaxTakeba Xrmaddness Noct totally_not_banned x0x0x JohnnySac oloke sychusha forest
  • DasaboDasabo 🚩 Patron Provider Tag Suspended

    @raindog308 Just wondering, are you adding drama to a situation that is already complex in itself?

  • raindog308raindog308 Administrator, Veteran

    @Dasabo said: Just wondering, are you adding drama to a situation that is already complex in itself?

    I am a well-known drama whore.

    Thanked by 13rpqu Xrmaddness Noct Arirang tentor equalz JohnnySac oloke Killix Saragoldfarb Marx forest Frameworks
  • totally_not_bannedtotally_not_banned Member
    edited May 13

    @Dasabo said:
    @raindog308 Just wondering, are you adding drama to a situation that is already complex in itself?

    Huh? Isn't the whole point in getting certifications to show them off as much as possible?

    Edit: Also what's complex about the situation? Disgruntled support rep goes on a rampage (... for reasons ;)) and gets (r)ejected from their job too. That's pretty straight forward as far as i am concerned.

  • davidedavide Member
    edited May 13

    @Dasabo said:
    @raindog308 Just wondering, are you adding drama to a situation that is already complex in itself?

    He wants to throw you in the lava :'(

    @calin is the lava nice and warm?

  • NoctNoct Member

    @systemfreaks said:
    @Dasabo ...since this person also had access to your clients’ personal details, how do you know that data has not been leaked?

    @Dasabo said:
    I don't believe he will do something like this

    only to then later say

    @Dasabo said:
    It's my own fault for placing so much trust in someone I never thought would betray me like this, simply because of a personal misunderstanding.

    What incongruent nonsense! He has learned nothing, evidently.

    People on LET ought to hesitate before jumping on cheap deals from bottom-of-the-barrel providers such as Dasabo who are operated by cheap, naive dummies.

  • equalzequalz Member

    yikes at this thread

  • x0x0xx0x0x Member

    @Dasabo said:
    We are writing to provide an official and transparent update regarding an incident involving unauthorized payment attempts that were detected on our platform in recent days.

    Following an in-depth internal investigation, including technical auditing, log analysis, and comprehensive security reviews conducted as a top priority by our security and operations teams, we have been able to precisely identify the origin of the incident.

    The investigation has confirmed that an internal collaborator, who until a few hours ago was part of our customer support department, misused their assigned access privileges by performing unauthorized payment-related actions against a very limited number of users, with the clear intent of causing significant financial and reputational harm to our company.

    These activities were carried out within the timeframe between May 5, 2026, and May 8, 2026.

    Immediately upon detection of the anomalies, Dasabo activated its emergency security protocols, taking the following actions:

    1. fully revoked all system access associated with the individual involved;
    2. invalidated all credentials, sessions, and operational privileges;
    3. conducted a full security and infrastructure review across payment-related systems;
    4. initiated enhanced internal forensic auditing procedures;
    5. engaged legal counsel to proceed with a formal complaint to the competent authorities.

    The incident affected a total of 13 users. In 5 cases, payments were successfully processed; however, all affected amounts have already been fully refunded to the respective customers via their original payment methods.

    We would like to emphasize that these transactions were only possible because the affected users had previously and voluntarily authorized and stored a recurring payment method within their Dasabo account. The unauthorized charges were executed through the creation of credit top-up invoices from the client area and the subsequent misuse of pre-approved payment methods.

    It is critically important to clarify the following:

    1. there has been no external breach of our systems;
    2. there is no evidence of any unauthorized third-party intrusion;
    3. no credit card data has been stolen or compromised;
    4. all payment data is handled via secure tokenization systems compliant with international security standards;
    5. sensitive card information is never stored in plain text on our infrastructure.

    Thanks to the advanced fraud prevention mechanisms implemented through Stripe Radar, combined with our existing multi-layered security rules, we were able to rapidly detect abnormal activity and prevent further unauthorized attempts, significantly limiting the potential impact of this incident.

    In parallel, we have already implemented additional enhanced security measures, including:

    1. a full review of internal access privileges and administrative roles;
    2. strict limitation of operational permissions on billing and payment systems;
    3. implementation of multi-level approval controls for sensitive operations;
    4. strengthened real-time monitoring and auditing systems;
    5. stricter internal procedures for all financial and billing-related activities.

    We fully recognize the seriousness of this incident and the concern it may have caused. At Dasabo, the trust and security of our customers are of paramount importance, and we do not take this matter lightly.

    We extend our deepest and most sincere apologies to the affected customers and reaffirm our absolute commitment to maintaining the highest standards of security, transparency, and reliability.

    We will continue to closely monitor the situation and fully cooperate with the relevant authorities to ensure that all responsibilities are appropriately addressed.

    @angstrom

    Have you shared this with all your customers yet?

    Thanked by 2xms ralf
  • defaultdefault Veteran

    Thanked by 3totally_not_banned Saragoldfarb forest
  • ascicodeascicode Member

    I guessd its a sort of were not in relation with the old company.

  • tentortentor Member, Host Rep

    @ascicode said:
    I guessd its a sort of were not in relation with the old company.

    Its a sort of were not in relation with the internal collaborator

Sign In or Register to comment.