FastHosts are a [CENSCORED]
Writing about web page http://www.covscene.co.uk
I help administer Covscene, a local music website. When I got home last night I logged on as usual to check the forums and delete any spammers before going to bed only to be greeted with and error page because it couldn't connect to the database. The person who actually pays for the hosting was on MSN at teh time so I chatted with her to discover that this had been the case for a few hours by this point. Whilst chatting she recieved the following email from Fasthosts.
From: Fasthosts [mailto:noreply@fasthosts.co.uk]
Sent: 30 November 2007 00:52
To: xxxxxx@covscene.co.uk
Subject: Important information about your Fasthosts account
Dear Customer,
We wrote to you on 18th October 2007 advising that you change all of the
passwords on your Fasthosts accounts (including control panel, FTP, database and
email), in order to prevent any unauthorised account access following the network
intrusion we previously communicated.
Whilst we have found the vulnerability that caused this issue, and have instigated a
system wide security audit to improve and enhance our current security, we also
advised you to change your control panel, FTP and email passwords as a
precaution.
Today we have been made aware that a small number of our customers who did not
change their passwords have experienced a compromise to their FTP space.
As a result, in order to totally protect all of our customers, we have today
implemented an automatic password change for every control panel, FTP or SQL
password that was not previously reset.
In 10 days time we will also reset all unchanged email passwords.
To ensure complete security when communicating your new passwords to you, we
will first take the stringent measure of sending the new control panel
password via Royal Mail. Once you have received your new control panel
password, you will then be able to go into your control panel and immediately
change your FTP, SQL and email passwords. Please note that the email password
reminder system will not work from the time you receive this mail, to the time you log
in with your new control panel password.
If you have already changed your control panel password, you will still need to go
into your control panel and change ALL the FTP, SQL and email passwords
associated with your accounts that haven't already been changed.
UNDER NO CIRCUMSTANCES WHATSOEVER SHOULD YOU TRY TO REUSE
ANY OF YOUR OLD PASSWORDS
We apologise for the inconvenience that this will cause you during this period, but
trust you understand that our primary concern is for our customers and for the
security of their websites and data. Unfortunately, an automatic password change is
the only way of ensuring that all of our customers are totally secure.
If you have any questions relating to this, please contact our Customer Support
team on 0870 888 3600 or customersupport@fasthosts.co.uk, and they will be
more than happy to help you. Thank you once again for your understanding and
cooperation in this matter. Yours sincerely,
The Fasthosts Team
This is all well and good, however we had already changed our control panel password as reccommended a few weeks ago, yet it has still been reset along with all the other paswords. After over 3 hours on hold (@10p/mi) she eventually got through to their support only to be told that they could not give us a new password and we would have to wait to recieve the new one via the post, which they may or may not get sent out today. In the meantime we are unable to access the account via any means to let people know what is going on, or to move the content to another host.
In our case it is highly annoying, any commercial organistion is likely to be losing money. Fortunately my hosting for various other organisations is elswhere otherwise I would be having to field lots of complaints from people who actually could be losing money.
Lee Davis
30 Nov 2007 09:03
| 
Comments (5)
| 
Report a problem
Loading…
Craig
We too have the same issue, we are a software company who provide many websites, all SQL back ended, we were informed today that there are “no managers in” and we would have to wait in the christmas post for our passwords to be sent to us.
Our clients are mainly car supermarkets and dealers who rely on their stock being online to trade, I will be passing costs on to fasthosts for development costs to change ALL passwords for the sql databases, clients email accounts and ftp details etc.
30 Nov 2007, 10:10
Ross
My local webite has gone arse over tit. I cannot log in to my fasthosts account with my usual password. I have received no emails or letters from fasthosts and have no clue as to what is happening ?????
Ross
30 Nov 2007, 10:19
I was going to try and help you Googlebomb this, but realised people were already finding out. Oh teh power of teh blogs… This is one of the most epic of fails a service provider could give. I’m glad I’m not with FastHosts.
30 Nov 2007, 13:04
Lee Davis
I was surprised at how quick it got picked up.
Fortunately we have now manged to get a back on and I have reconfigured the forums etc so normality is restored, however Fasthosts still suck and their control panel system is awfull.
30 Nov 2007, 15:06
sk
Yeh i am also facing the same problem… i tried their phone for allmost 6hr from morning 9’o clock .. but was not able to talk to them… totally exhasted … loosing business … atleast they have to send reminder ..even i cannot login to support site what a mess i am facing today. i hope this problem soon be fixed
30 Nov 2007, 15:07
Add a comment
You are not allowed to comment on this entry as it has restricted commenting permissions.