Slicehost Forum User database compromised
rackspace.com
I'm not sure if I've been sensitised to PR weasel-wording that these things tend to gather (and get blasted for in HN comments), but it's quite refreshing to see something as blunt as "We apologize for our failure to maintain an adequate level of security on our public Slicehost forum, and for any inconvenience this may cause you."
No "mistakes were made", or "We're sorry if you're unhappy about this issue" or any of the other Non-apology apologies[1].
[1] https://en.wikipedia.org/wiki/Non-apology_apology#The_Perfec...
> You probably adhere to Internet best practices
Bringing up this point might be a better thing to close with, after you communicate what happened. This is the real world, miles from best practices.
They really need to provide a few more details as to why they believe the database was compromised; not much of an explanation is offered here.
> You probably adhere to Internet best practices
To me that read like an attempt to shift a bit of blame and some subtle framing.
Second only to: "Simple, you just revert to your most recent complete backup"
A couple of years ago I started receiving a lot of spam to rackspacecloudservers@firstnamelastname.com. I've opened support tickets asking whether they had a known breach but they simply closed my tickets without explanation, and any attempts to use their live chats were closed immediately by their staff or completely ignored. I used to hold Rackspace in such high esteem; I wonder what happened?
First Linode and now Slicehost. What's happening to quality VPS these days?
Just a wild guess here, but perhaps the same person who compromised Linode's customer service portal was also trying to see if any of his targets were reusing their Slicehost account credentials in the forum?
Hosting providers being compromised is nothing new.
Probably someone leaking from the inside due to money/incompetence? That makes their PR go worse though. There's a myriad of scenarios.
They can only be upfront and show how well they respond to the situation including mitigating future security issues.
A support forum being compromised is much different than using the company's internal tools to root systems. I'm guessing they use a 3rd party support forum (e.g. vBulletin). Maybe a vulnerability in it led to the breach?
Yes - they used Vanilla Forums (http://vanillaforums.org/)
Just logged in but was not prompted to reset my password. Re-read the statement a couple times, but it's pretty clear this should have happened.
> Just logged in but was not prompted to reset my password. Re-read the statement a couple times, but it's pretty clear this should have happened.
To the forum, or to their management site? Only the forum was compromised, and heading to http://forum.slicehost.com/ takes you here: http://www.rackspace.com/knowledge_center/content/slicehost-...
From the OP's text:
However, if you used your Slicehost forum I.D. and password in other places, including any Rackspace account, we recommend that you change those I.D.s and passwords. In fact, the next time you attempt to access the Slice Manager, you will be required to change your password. If you use the same password for the forum and for your Slicehost account, and you also use an API key, we recommend that you consider changing the API key as well.