cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Pay as You Host - Hacked

Midnight_Caller
Rising Star
Posts: 4,167
Thanks: 15
Fixes: 1
Registered: ‎15-04-2007

Pay as You Host - Hacked

‎02-03-2012 2:26 PM

Hi
I got a Phone call yesterday from Pay as You Host informing me that the Pay as You Host servers had been Hacked.
The woman who Phoned me sed for Security I need to change my:
cPanel Password
ftp Passwords
Shee did not say that I need to change my:
Database Password
Should I change it?
Because of this I needed to change my:
PlusNet Portal Password
Force9 Portal Password
I know I should not but for ease I used the same Password what is very hard to remember, made up of numbers and letters and is very long.
Message 1 of 14
(8,664 Views)
0 Thanks
13 REPLIES 13
jelv
Seasoned Hero
Posts: 26,786
Thanks: 968
Fixes: 10
Registered: ‎10-04-2007

Re: Pay as You Host - Hacked

‎02-03-2012 2:58 PM

I have ONE password I have to remember which is for KeePass - obviously that is a password I never have to enter online.
For everything else I have separate passwords - and I frequently use KeePass to generate random passwords (usually 12 characters, upper and lower case plus numeric with at least one of each). Anyone who uses the same password for multiple things is just asking for trouble!
Quote from: Midnight
Shee did not say that I need to change my:
Database Password
Should I change it?

Golden rule: if in doubt - change it!
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Message 2 of 14
(1,212 Views)
0 Thanks
Chris
Legend
Posts: 17,724
Thanks: 599
Fixes: 169
Registered: ‎05-04-2007

Re: Pay as You Host - Hacked

‎02-03-2012 3:12 PM

Hi Gary,
Unfortuantely the Pay As You Host platform has been subject to a security attack. We've patched the vulnerability to avoid further risk.
We've been contacting users of the platform advising them of this breach and that they should change all of their PAYH passwords. This includes control panel, FTP, email login passwords and any other PAYH related passwords.
Former Plusnet Staff member. Posts after 31st Jan 2020 are not on behalf of Plusnet.
Message 3 of 14
(1,212 Views)
0 Thanks
Midnight_Caller
Rising Star
Posts: 4,167
Thanks: 15
Fixes: 1
Registered: ‎15-04-2007

Re: Pay as You Host - Hacked

‎02-03-2012 4:36 PM

Thank you both, jelv I will have a look at KeePass.
I will change the Database Password in a minute.
[Edit] - All done
[Edit] - Thank you jelv I am populating KeePass with my Passwords and Usernames, it looks like you cut and paste the Passwords and Usernames in the fields on to the web site, is that right?
Message 4 of 14
(1,212 Views)
0 Thanks
Adam1V
Grafter
Posts: 223
Registered: ‎31-07-2007

PAYH Servers Breached

‎02-03-2012 7:03 PM

Earlier today, I recieved a phone call from a lady to say the PAYH servers have been breached and our passwords could have been compermised.
Ive tried logging into a number of my domains FTP Access (along with my PAYH main account password) and actually had to reset all passwords.
Whilst I would have done this anyway, does anyone know if the reason for not being able to login was down to PAYH forcing me to change my password or someone else had actually gained access to my account?
Adam
Message 5 of 14
(1,212 Views)
0 Thanks
Oldjim
Community Veteran
Posts: 38,460
Thanks: 1,028
Fixes: 63
Registered: ‎15-06-2007

Re: Pay as You Host - Hacked

‎02-03-2012 7:13 PM

Original topic moved from Accounts and Billing and merged with the most recent thread
Message 6 of 14
(1,212 Views)
0 Thanks
tonysmith123
Dabbler
Posts: 24
Registered: ‎30-12-2007

Re: Pay as You Host - Hacked

‎03-03-2012 8:21 PM

On Friday afternoon I received an email notifying me that I needed to change my password.
When trying to log on to the PAYH Control Panel I found that my user name was not recognised. Consequently I have been unable to enter a new password and am unable to update my website.
PAYH are not available at weekend which adds to the frustration.
Anybody had similar experience?
Message 7 of 14
(1,212 Views)
0 Thanks
Penny
Superuser
Superuser
Posts: 1,216
Thanks: 720
Fixes: 7
Registered: ‎05-04-2007

Re: Pay as You Host - Hacked

‎03-03-2012 11:23 PM

.
I did get a phonecall and changed most of the passwords, however I think because PAYH couldn't contact everyone they changed everyone's (whether already-changed or not) just to ensure maximum protection.
I got a follow-up e-mail saying all the passwords had been changed and giving a telephone number to call between 9am and 5pm including this weekend, the 3rd and 4th March 2012.
Assume you have the number (didn't quite like to post it on here as anyone could call it) - feel free to PM me if not.
Regards,
Penny.
Penny Rollo * * * first signed up for an account with Force9 on 17/02/98 - incredibly 25 years ago * * with PlusNet from 2000 onwards
Project HappyChild - free educational resources for children + schools * my own [personal] webpage is at pennymidasrollo.plus.com
Superusers are not PlusNet staff but do have a direct line of communication into the business to raise issues, concerns and feedback from the Community.
Message 8 of 14
(1,212 Views)
0 Thanks
Midnight_Caller
Rising Star
Posts: 4,167
Thanks: 15
Fixes: 1
Registered: ‎15-04-2007

Re: Pay as You Host - Hacked

‎03-03-2012 11:58 PM

From Pay as You Host  contact page
Quote
Contact us
For information, sales, billing, support or just a general chat you can contact us on the following number: 0114 296 5167
Lines are open 9.00am to 5.30pm Monday to Friday (excluding public holidays). Outside of these hours please email us, particularly for support issues.

@Penny, is that the info that you where referring to?
Message 9 of 14
(1,212 Views)
0 Thanks
tonysmith123
Dabbler
Posts: 24
Registered: ‎30-12-2007

Re: Pay as You Host - Hacked

‎04-03-2012 9:56 AM

Penny - Many thanks for advising that PAYH open this weekend. I have rung them. Only "temporary staff" available and they were unable to resolve problem so I need to contact again on Monday.
Message 10 of 14
(1,212 Views)
0 Thanks
paxy
Grafter
Posts: 254
Thanks: 3
Registered: ‎01-08-2007

Re: Pay as You Host - Hacked

‎04-03-2012 10:59 AM

I too have received an email for my username with a new temporary password, but my username is not recognised?
Message 11 of 14
(1,212 Views)
0 Thanks
Gabe
Grafter
Posts: 767
Registered: ‎29-10-2008

Re: Pay as You Host - Hacked

‎04-03-2012 12:59 PM

I don't know if this is the problem, but if you follow the instructions in the email
Quote
Please log in to your control panel at http://www.payh.co.uk using the above details.

that won't work. You need to use the address in your original welcome email, which would be something like
Quote
https://plesk-host0X.plus.net:8443

Or something like
Quote
http://www.yourdomainname.org.uk:8443

would forward to the same place.
This is not the first time Plusnet's reactive approach to security has been found wanting.
Gabe
Message 12 of 14
(1,212 Views)
0 Thanks
spraxyt
Aspiring Legend
Posts: 10,063
Thanks: 673
Fixes: 75
Registered: ‎06-04-2007

Re: Pay as You Host - Hacked

‎04-03-2012 2:56 PM

Entering my PAYH username at http://www.payh.co.uk worked for me, in the sense that it redirected to the correct https://plesk-host0X.plus.net:8443 address for normal control panel logon. Username had to reentered here and the password was required only at this second stage.
David
David
Message 13 of 14
(1,212 Views)
0 Thanks
Gabe
Grafter
Posts: 767
Registered: ‎29-10-2008

Re: Pay as You Host - Hacked

‎04-03-2012 3:29 PM

Curiouser and curiouser.
The main payh login page has never worked for me. I'd assumed it was the same for all free trialists. Maybe it just doesn't like some of us.
Plus ça change.  Roll_eyes
Gabe
Message 14 of 14
(1,212 Views)
0 Thanks