Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Wipe US Servers of Email Provider VFEmail (zdnet.com)

Posted by msmash on from the attack-and-destroy dept.

Hackers have breached the severs of email provider VFEmail.net and wiped the data from all its US servers, destroying all US customers' data in the process. From a report: The attack took place yesterday, February 11, and was detected after the company's site and webmail client went down without notice. "At this time, the attacker has formatted all the disks on every server," the company said yesterday. "Every VM is lost. Every file server is lost, every backup server is lost. This was more than a multi-password via SSH exploit, and there was no ransom. Just attack and destroy," VFEmail said. The company's staff is now working to recover user emails, but as things stand right now, all data for US customers appears to have been deleted for good and gone into /dev/null.

7 of 157 comments (clear)

  1. There were NO offsite backups????? by sconeu · · Score: 4, Insightful

    No offsite backups? No tapes????

    Who designed the disaster plan for these guys?

    --
    General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
    1. Re:There were NO offsite backups????? by Anonymous Coward · · Score: 4, Funny

      From a cannon. Into the sun.

  2. You mean just the online backup servers... by SuperKendall · · Score: 4, Interesting

    Every file server is lost, every backup server is lost.

    So, that's the online backup servers, but what about the offline backups... there were offline backups, right? RIGHT???

    I am starting to wonder if I don't need to ask every single electronic service I interact with to put in writing what tighter backup policies are. I imagine my stuff on gmail servers is safe... but that is truly only my imagination, who can say for sure even they have offline backups (that can be restored from)??

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:You mean just the online backup servers... by bobbied · · Score: 4, Insightful

      Also, depending on how nasty they were being, they might have lurked long enough to poison the offline backups too. People tend to not actually check them till something goes wrong.

      AND, when they check, some 70% turn out to be insufficient or not restorable. Most turn out to be nearly useless for anything but giving you a warm fuzzy feeling as you trot them off to offsite storage.

      Having a backup plan is one thing, TESTING your backup plan is the next level.... However, revising your backup plan and TESTING your backups are restorable on a regular basis is the only way to know it will work when the chips are down. IF you don't do all this work, it's NOT really backed up, regardless of how many tapes you put into storage.

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
  3. IMAP/POP3 provider... by b0s0z0ku · · Score: 4, Interesting

    Thankfully, VFEmail was primarily an IMAP/POP3 provider. I suspect that the majority of its users had a local backup in the form of an email client with a local store...

  4. No backup can be a feature by b0s0z0ku · · Score: 4, Interesting

    That can be both a bug and a feature. No backups mean that there's no cache of deleted emails. Some users may want the ability to truly delete data, not have it able to "appear" due to legal proceedings 5 years from now.

    I'd say it's on the users to back up their email using a client that locally caches IMAP folders or downloads via POP3.

  5. Sounds like a cleanup operation by misnohmer · · Score: 4, Interesting

    Maybe someone needed an email to disappear to avoid public embarrassment or legal trouble.