Getting Hacked Sucks

This was our homepage at zyliethebear.com yesterday morning, brought to my attention by our designer as we were working through some mockups for the redesign we’re currently in the middle of. Luckily, it was just a defacement (so they say), and didn’t affect anything deeper than the aesthetics (fingers crossed), but it still feels incredibly violating and unnerving. Apparently this hacker, Tiger M@te, hacked 700,000 of InMotion’s customers, one of those customers being us. The hacker(s) hit all 700,000 in one shot, which is ridiculous, and got through to the entire data center, copying over the index.php files and screwing around with some of the directories. Luckily we had just backed everything up, so we didn’t have to rely on the probably exhausted team at InMotion to help us out, and got things back up and running in about 20 minutes. We’re still looking through everything, and as a precaution have disabled our online store until we’ve had a chance to thoroughly ensure there was nothing else compromised.

But as an experience, it really sucks. When I first saw that screen, I immediately pulled up every service we use that has a password and changed it, edited the credentials and admin settings of every app, email, CRM, database, anything and everything…it was a scramble. I’m glad we happened to be working at 10am Sunday morning, otherwise I don’t think we would have caught it until way later.

The worst part was, we didn’t get one email, phone call, text message or alert from our hosting provider InMotion. There was an announcement buried in the admin dashboard of their site, and nothing else for 12 hours. How could they not have sent an automatic email to every customer the second they realized the problem? We don’t check in on our site as often as we should, and I’m sure there are many customers of theirs that do the same. That’s just unacceptable, and it’s prompted me to start sniffing around for a better hosting option. That’s the importance of security and transparency. I don’t care if your servers were hacked, this guy Tiger M@te hacked Google, so he’s damn good. It’s all about how you deal with the crisis, and these guys didn’t deal with it properly, and they’ll probably lose a lot of business as a result. I feel for them that it was a Sunday, but come on, there’s sensitive information on those servers, and we pay you money to keep it safe and running. If one or both of those things is compromised, you need to tell me. Immediately.