LowEndBox - Cheap VPS, Hosting and Dedicated Server Deals

Abundance of Caution: If You are a MXroute Customer, Take Action

MXRouteIn a textbook example of good customer service and proper crisis management (even though this is no crisis), MXroute founder and former LowEndTalk administrator @jar disclosed the following:

Github’s documentation is unclear, but based on a message just received in my account’s security log, it is possible that my Github password was compromised.

There’ some reason to think this may be a GitHub issue rather than a anything that happened to @jar.  More discussion on LowEndTalk.

To be clear, it’s a long way between someone’s personal account and anything related to MXroute, so this is an abundance of caution situation, not a reason to panic.

Would I buy from MXroute again?  You bet.  They’ve been a community favorite since 2013.

In fact, I just noticed they’re still offering their lifetime promo, which is a pretty awesome deal.

 

2 Comments

  1. Jarland:

    Just to be clear in every place that I can: I am overly cautious and paranoid about my security and that of my customers. There was no reason for me to reveal anything publicly because quite literally nothing noteworthy occurred. Someone gained one of my very few reused passwords, and it just happened to be that it was used on GitHub because that account wasn’t considered to be important when I created it.

    No unauthorized access to anything can be found. Just one failed login attempt at GitHub thwarted by two factor authentication.

    Me being me, I’ll obsess over it and I still rotated everything of value just because I can.

    September 6, 2022 @ 11:35 am | Reply

Leave a Reply

Some notes on commenting on LowEndBox:

  • Do not use LowEndBox for support issues. Go to your hosting provider and issue a ticket there. Coming here saying "my VPS is down, what do I do?!" will only have your comments removed.
  • Akismet is used for spam detection. Some comments may be held temporarily for manual approval.
  • Use <pre>...</pre> to quote the output from your terminal/console, or consider using a pastebin service.

Your email address will not be published.