GreenValueHost forced password reset - Security breach?

[WebSearchingPro]

See if you're going to throw cloak and dagger crap around, don't bother posting. Either give the information out or say nothing. All you're doing is making yourself look incompetent because no decent admin would put that kind of pish on their own website.

It was just more of a reassuring statement, I apologize, they are an active member in this community and I would not want to risk their anonymity. I'd rather not be hassled by them when they see their name . The information is freely out there, just have to dig it up. 

 

[MannDude]

Wow, I just woke up. Read all of this thread. Read all of the LET thread. How is no one there concerned?

"La la la. I keep getting these emails, LOL!! La la la! Doo do doo"

I'd say it's quite worth being worried about.

 

[Tactical]

Is school out yet?

 

[AuroraZero]

Wow, I just woke up. Read all of this thread. Read all of the LET thread. How is no one there concerned?

"La la la. I keep getting these emails, LOL!! La la la! Doo do doo"

I'd say it's quite worth being worried about.

They are not concerned because they know GVH will just throw some free services at them for the inconvience. Everyone loves free stuff. They have not realized that this is the wake up call I have seen coming for months. Not just for them but for a lot of other companies as well if they do not change their setups. This is not a game no matter how many people think it is at this time.

Not trying to be an ass or anything but it is the truth.

 

[MannDude]

Comically there is no WHT thread regarding this. Was it only LET customers who got their passwords reset?..

Someone should post on WHT too and let it be known that GVH customers probably need to secure their data.

 

[kaniini]

No it was not a security breach. Client data is completely safe and has not been leaked. We will have a final statement sent out regarding this issue soon.

What was it then?  I'd be dying to hear your analysis.

 

[hellogoodbye]

I'm a former client (canceled sometime in early March) and I didn't receive any emails about my password being reset, just the one email that was sent out informing people they were investigating the issue. Is this only happening to people with active services?

 

[Aldryic C'boas]

I'm a former client (canceled sometime in early March) and I didn't receive any emails about my password being reset, just the one email that was sent out informing people they were investigating the issue. Is this only happening to people with active services?

It seems that the actual resets are happening to clients at random - which pretty much just reinforces the idea that it was someone running wild with a compromised staff account.

 

[MannDude]

Is this only happening to people with active services?

Apparently not. Someone else mentioned it had happened to them, and they were not a customer at all.

Also the lack of chatter on WHT would indicate it wasn't system wide, but instead isolated to groups.

 

[hellogoodbye]

That's interesting... the timing is quite odd too, I remember at some point last night there was an onslaught of old GVH threads being dug up over at LET by a few members who I guess was taking the "LET = GVH" joke too far. I don't see most of those threads anymore so I'm assuming the admins stepped in and cleaned it up/doled out punishment where necessary. This might just all be coincidence, but could there possibly be a connection between the two?

 

[serverian]

That's interesting... the timing is quite odd too, I remember at some point last night there was an onslaught of old GVH threads being dug up over at LET by a few members who I guess was taking the "LET = GVH" joke too far. I don't see most of those threads anymore so I'm assuming the admins stepped in and cleaned it up/doled out punishment where necessary. This might just all be coincidence, but could there possibly be a connection between the two?

Yeah, me and Spencer did it!

 

[hellogoodbye]

Yeah, me and Spencer did it!

lol.

But in all seriousness, I'd suggest being more careful with your words; people might actually take you seriously.

 

[Virtovo]

lol.

But in all seriousness, I'd suggest being more careful with your words; people might actually take you seriously.

No really they did.  Dragging up threads that is, not sending password resets

 

[toadyus]

Yeah, me and Spencer did it!

I lol'd so hard last night!!

 

[hellogoodbye]

No really they did.  Dragging up threads that is, not sending password resets

Ahh gotcha. In that case I wasn't too sure who started it, though my guess was @serverian since I noticed the banned user icon when I was skimming through the updated threads just now.

 

[rds100]

Yeah, me and Spencer did it!

So you were working undercover for that outsourcing support firm in India, that's how you got access to an admin account for their WHMCS?

 

[raindog308]

I'm horrified/amused that this site exists: http://www.gvhtalk.com 

"Now that GreenValueHost has finally reached the point of stability inside and out..."

 

[serverian]

So you were working undercover for that outsourcing support firm in India, that's how you got access to an admin account for their WHMCS?

All was a part of a masterplan! TO RESET THOSE DAMN PASSWORDS

 

[DomainBop]

Yeah, me and Spencer did it!

Don't try to blame Spencer.  I read in the cestpit it was ALL YOUR FAULT!

After having read through both IRC logs for #lowendbox and #vpsboard, I've decided to lift Spencer's ban and just give him a warning.

serverian was the "organizer" behind all this. His ban remains, he is also not allowed to bla bla bla...

 

[MannDude]

Let's keep this on topic if possible and discuss the likely GVH security breach. Thanks.