Pretty sad the amount of time it took them to come out and say "Hey, your card info is public". What was it, 24+ hours AFTER it was initially uploaded over Tor? That's plenty of time for someone to do lots of damage. Feel bad for the Staminus employees that had nothing to do with this, surely it'll hurt business quite a bit (and ServerMania abusing the leak and e-mailing their clients even more so).
That would be correct. Like I said, there was some time where they appeared to be actively attempting to cover it up. No acknowledgement of a breach even as the databases/leaks were being downloaded by thousands of users, users who also reported it directly to Staminus through Twitter and Facebook. They knew about it, more than likely, the literal moment it hit the public 'net, if not before.
Ramnode is just an end customer. So no Ramnode data that impacts customers of Ramnode.
Likely information relative to Ramnode's own account in the dump though.
I don't know... did Staminus at any point clearly say credit card details were public and unencrypted? 'Cause it's a big deal... I didn't see it, but not saying they didn't... but that should have been NUMERO UNO since these customers all have to contact their bank and get a new card issued.
Matt's a genius, he isn't some off-the-shelf DDOS protection vendor, he writes a lot of code and always has.
Honestly I wonder if he was simply not involved in the security side of things and things kinda went south. Staminus started as an IRC shell company so exploits, root shells, etc, were a day-to-day thing for him so he knows security.
I feel bad for them. Their support was always helpful whenever possible and Matt's been at this for 10+ years. He knows his stuff.
Best of luck to them,
Francisco
I hadn't heard of Staminus prior to this thread and don't quite understand the critique (without prejudice). Intrusion aside, how is it that they've 'hedged the entire business on security theatre' if they only offer DDoS protection and seem to be effective in that area? Or do they offer other security services?
Approximately 2,300 previous and current clients included as part of the Staminus breach.
full.sql
- Billing table contains 141,403 tracks of account billing from purchases.
- Account table contains 4,415 users’ details with full addresses, contact details, company details, emails, and encrypted passwords.
- Credit_card table contains 2,042 with full card details.
- Rest of the information seems to relate to Staminus sales, site configuration, billing tracking and other configuration values related to the systems.
3-9-staminus2.sql
- Same data as full.sql as well as data related to DDoS reporting, tickets, and other server-related actions.
- Full ticket history with user details, ticket content, and Staminus responses.
- Staff details with encrypted passwords, email addresses, and OAuth credentials in the format of tokens and generated user keys.
I don't get why there are so many TWATS in the industry; it doesn't take a bloody genius to know it's illegal to use leaked and private information even if it's open on the world wide web. If I was a customer and I got an email because some twat got it from a database leak, I would be on their arse quicker than you could say idiots, off to a legal team to sue them idiots and get some extra cash on the side. They might take it seriously then.
And for the people who ask why we are on their backs: it's NOT the first time this has happened to them. In 2012 they were breached. If anyone uses them after this one then they are a twat as well. Not being a jackass, but it really doesn't take a lot to lose respect. If they had a secure system I wouldn't mind; if it only happened once I wouldn't mind. But twice in the same decade.... Pathetic!
Same with WHMCS when they had a database leak; that was by Hostgator's lack of security, believing they were talking to Matt on the phone and giving the hackers their password or something. If they did it again you'd think twice. Same with their exploits: they knew that if someone leaked a big one in the wild again they would die, so they try to cover it all up using the bounties, which have found some bad exploits, one of which they paid $1K for. A big DDoS protection side with no security is 10x worse.
It really seems to me like you're taking this to the extremes. I urge you to suggest to me a DDoS Protection provider that supplies the same level of support and service in general for around the same pricing. Beyond that, yes, obviously mistakes were made. Obviously we're highly disappointed in the breach. Obviously, we want to see improvements. But we obviously also love the service and support that they provide.
