cPanel Support Server Hacked

by Ruchira on February 28, 2013

cpanel logo

 

cPanel Inc. issued a statement asking users who contacted cPanel support service within past months to change their root passwords immediately. This is because one of their support system server was compromised and user submitted server login data are probably stolen.  Here is the official email

From: no-reply@cpanel.net
Sent: Friday, February 22, 2013 12:48 AM
To: ***********

Subject: Important Security Alert (Action Required)

Salutations,

You are receiving this email because you have opened a ticket with our support staff in the last 6 months. cPanel, Inc. has discovered that one of the servers we utilize in the technical support department has been compromised. While we do not know if your machine is affected, you should change your root level password if you are not already using ssh keys. If you are using an unprivileged account with “sudo” or “su” for root logins, we recommend you change the account password. Even if you are using ssh keys we still recommend rotating keys on a regular basis.

As we do not know the exact nature of this compromise we are asking for customers to take immediate action on their own servers. cPanel’s security team is continuing to investigate the nature of this security issue.

–cPanel Security Team

 

cPanel should have used some sort of encryption to prevent customer data is being stolen when these kind of compromises happen. I have seen lot of companies asking for admin/root logins on the support tickets, Yes they have to have that info to resolving troubles with the service. But proper encryption should be enforced for the sensitive data. On most cases they simply ask to provide the info on a reply support ticket which means your sensitive information gets stored on the sql database in plain text. And if you don’t change login credentials routinely, it poses a real risk to you like in this cPanel case.

So my advice is to provide a different password when you submit the logins for resolving problem of anything, Or change the password immediately once your issue gets resolved.

I'm Ruchira Sahan and all posts on this blog are completely my thoughts and writings. I love DIY and Technology. So feel free to contact me for anything about this blog and don't forget to add a comment if this blog helped you! Thanks
Ruchira
View all posts by Ruchira

Last 5 posts by Ruchira

Previous post:

Next post: