> > As I have previously posted about, my host sent me an email a few days > > ago stating that support tickets for 5,000-6,000 of their clients had > > been broken into. I checked my records and found that my root > > password had previously been submitted in a support ticket. I then > > decided I needed to reinstall my system. > > > > I requested that my host allow me access to a second machine for 2-5 > > days while I switch over to a clean system, after that I would turn > > the old system over to them and continue with the new system. > > > > My request was denied! I'm blown away by this. Was I asking too much? > > > > Information that was valuable leaked because they screw it, so, no > matter what terms of service say, they must fix their own mistakes. If > the machine crashes, the data center is burned down to the ground or > the manager's kid pull the plug on the main server, that's a situation > where they can say "not our fault, deal with it". But in your case > their support system had a breach, and thus its their fault. They must > provide you the means to ensure that YOUR information is safe, cause > they caused the incident in the first place. You're unsure about your > information, and information is money. > > If I were you I would be backing up my data by now, would then request > a physical backup and after I get it: > > 1) Send them email about the actions I'm about to take. > 2) Move away from their services and look for a better server. > 3) Write a cool blog entry about their services and how secure they are. > > Of course they could answer the (1) email granting your requests and > maybe you wouldn't have to take steps (2) and (3). Happened to me > once.
I couldn't agree more. It feels like I should have a legal recourse in this situation. My Dad is a lawyer but has no knowledge of technical matters. - Grant -- [EMAIL PROTECTED] mailing list