Doug Stewart on 7 Jan 2016 09:23:59 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Time Warner and Linode report possible password breaches

Based on what I've read, it's really bad. Looks like maybe a former employee either is directly responsible or perhaps sold off login credentials to malicious third parties who have been targeting the Linode Manager in particular with the DDoS to make it even harder for Linode customers to process their password resets.

We're looking to get any of our gear that's on Linode off.

HN thread, so take it with a grain of salt, but

On Thu, Jan 7, 2016 at 11:40 AM, Mike DePaulo <> wrote:

On Thu, Jan 7, 2016 at 11:34 AM, Justin Reans <> wrote:
> This article was just published today, and mentions Linode, which is asking
> users to update their Linode passwords ASAP. See links below.
> Original story:
> Linode response:

They state "securely hashed passwords". However, they did not
explicitly state whether they are salted or what hashing algorithm is

> "Effective immediately, Linode Manager passwords have been expired. You will
> be prompted to set a new password on your next login. We regret this
> inconvenience, however this is a necessary precaution."

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --


Philadelphia Linux Users Group         --
Announcements -
General Discussion  --