Breaking news today that one of the largest web, VPS and dedicated server hosting providers in Europe that has data centres on Central Europe and the USA has had a major data breach of its customers database + a hack into the Canadian installation server system.
The email states that there was a:
security incident on our internal network at OVH’s headquarters
The email the goes onto say that they have:
immediately secured the infrastructure and started an investigation
It goes into explaining what was breached and what information has been accessed:
We discovered that the database holding European customers’s data could have been illegally copied.
This database includes the following information:
first and last name, NIC, address, city, country, telephone and fax number, and the encrypted password.
For customer piece of mind they explained that credit information is safe due to the fact they themselves do not store that information:
Credit card information are not stored by OVH and have not been accessed.
There was also a hack that has direct impact (in my opinion) on the trust in OVH regarding the actual systems that control server installation processes and access control.
SSH key files related to existing customers servers were breached. Although the keys are only usable from inside a secure OVH HQ system it is still rather alarming!
You can read more on the OVH security breach via the following link:
OVH security breach details