Los Angeles-based Web hosting firm DreamHost reset the FTP and shell access passwords for all of its customers on Friday after detecting unauthorised activity within one of its databases.
One of DreamHost’s database servers was illegally accessed using an exploit that was not previously known or prevented by our layered security systems in place, said DreamHost’s CEO, Simon Anderson, in a blog post on Saturday.
Even though it couldn’t be blocked, the unauthorised access was detected by one of the company’s intrusion detection systems (IDS), allowing its security team to react quickly and take the necessary mitigation steps.
The company notified its customers about the security breach via email and informed them that only passwords used for FTP and shell access were affected by the breach. Billing or personal information was not exposed, DreamHost said — via redwolf.newsvine.com