Yesterday Blesta customers received an email from support@blesta.com informing them that Blesta’s servers had been hacked. The criminals state that they’re holding customer data hostage, awaiting ransom payment from Blesta.
Now at first you might think, well, this is just a ransom scam, the sort of “fake breach” emails that circulate regularly.
However…the emails appear fully authenticated, with SPF, DKIM, and DMARC, and were sent through Blesta’s own infrastructure. Eeek.
We should caution that just because someone compromises an email system does not mean they’ve compromised everything. But if what the email claims is true, this is potentially catastrophic. Blesta is a popular billing system, and holds customer data, API keys, automation info, and more. If Blesta is compromised, this breach could cascade very widely.
No word from Blesta yet.
Check out this article on Webhosting Today with full details. Thanks to RackNerd for alerting us to the news!
Related Posts:
Is FOSSBilling a WHMCS-Killer?
BLACK FRIDAY: Shared Hosting From Only $2/YEAR From Limitless Hosting! Cheap Reseller and VPS Deals,...
CPLicense.net Can Outfit Your Hosting Company for CHEAP This Black Friday!
Do We Finally Have a Free WHMCS Alternative With Paymenter?
Shared Hosting for $1/YEAR from Limitless Hosting!
Your One-Stop Shop for Cheap Web Hosting Licensing: CPLicense.net!
raindog308 is a longtime community LETizen, technical writer, and self-described techno polymath. With deep roots in the *nix world, he has a passion for systems both modern and vintage, ranging from Unix, Perl, Python, and Golang to shell scripting and mainframe-era operating systems like MVS. He’s equally comfortable with relational database systems, having spent years working with Oracle, PostgreSQL, and MySQL.
As an avid user of LowEndBox providers, raindog308 runs an empire of LEBs, from tiny boxes for VPNs, to mid-sized instances for application hosting, and heavyweight servers for data storage and complex databases. He brings both technical rigor and real-world experience to every piece he writes.
Beyond the command line, raindog308 has a life-long love of German Shepherd Dogs, high-quality knives, target shooting, theology, tabletop RPGs, playing guitar, and hiking in deep, quiet forests.
His goal with every article is to help users, from beginners to seasoned sysadmins, get more value, performance, and enjoyment out of their infrastructure.
You can find him daily in the forums at LowEndTalk under the handle @raindog308.
Leave a Reply