On 9/21/07, Grant <[EMAIL PROTECTED]> wrote:
> Hello,
>
> As I have previously posted about, my host sent me an email a few days
> ago stating that support tickets for 5,000-6,000 of their clients had
> been broken into.  I checked my records and found that my root
> password had previously been submitted in a support ticket.  I then
> decided I needed to reinstall my system.
>
> I requested that my host allow me access to a second machine for 2-5
> days while I switch over to a clean system, after that I would turn
> the old system over to them and continue with the new system.
>
> My request was denied!  I'm blown away by this.  Was I asking too much?
>

Information that was valuable leaked because they screw it, so, no
matter what terms of service say, they must fix their own mistakes. If
the machine crashes, the data center is burned down to the ground or
the manager's kid pull the plug on the main server, that's a situation
where they can say "not our fault, deal with it". But in your case
their support system had a breach, and thus its their fault. They must
provide you the means to ensure that YOUR information is safe, cause
they caused the incident in the first place. You're unsure about your
information, and information is money.

If I were you I would be backing up my data by now, would then request
a physical backup and after I get it:

1) Send them email about the actions I'm about to take.
2) Move away from their services and look for a better server.
3) Write a cool blog entry about their services and how secure they are.

Of course they could answer the (1) email granting your requests and
maybe you wouldn't have to take steps (2) and (3). Happened to me
once.
-- 
[EMAIL PROTECTED] mailing list

Reply via email to