Linode issues statement regarding DDOS attacks: Under control; all Linode Manager passwords have been expired, must be reset
Subscribe in a reader
Subscribe to Philadelphia Tech News by Email
Linode has issued a release summarizing what it has discovered and done regarding the DDOS (Distributed Denial of Service) incidents it recently experienced.
Effective immediately, all (external) Linode Manager passwords have been expired, and must be reset, the company said.
A security investigation into the unauthorized login of three accounts led to the discovery of two Linode.com user credentials on an external machine. This implies user credentials could have been read from its database, either offline or on, at some point. The user table contains usernames, email addresses, securely hashed passwords and encrypted two-factor seeds.
This may have contributed to the unauthorized access of the three Linode customer accounts mentioned above, which were logged into via manager.linode.com.
Linode says it retained a well-known third-party security firm to aid in its investigation. Multiple Federal law enforcement authorities are also investigating and have cases open for both issues. When the investigation is complete, it says it will share an update on the findings.
Linode says it has no idea who was behind the attacks.
Other than responding to some press followup inquiries, it doesn't plan to issue any further statements at this time.
The DDOS attacks began on Christmas Day centered on Dallas, and spread around to different locations in Linode's global network, ending with an assault on its Atlanta data center. Things seemed largely under control by Sunday.
Linode competes in the public cloud hosting business with Digital Ocean and others, much smaller than Amazon Web Services and the other giants.
Yet that smaller segment is considered an attractive market for growth. But Linode may have to do more outreach to assure its customers that it is addressing security concerns.
From its original base near Atlantic City, Linode has been gradually migrating towards Philadelphia. It recntly acquired the historic Corn Exchange Bank building in Old City as its Philadelphia base.