We use AWS us-west-1, us-west-2 and Azure Fresno. Azure replaced Linode very quickly after the July incident.
I can't speak for the other folks that were compromised this way, but we decided to just cut our losses and move on at PagerDuty and spent the 30 days after the compromise migrating everything that was running there…
I think since multiple customers were hit by this and are presumably all putting pressure on them about it, their hand may have been forced.
If we presume the attackers had access to the system handling authorization, then the attackers introducing code to ship passwords offsite as users log in isn't really a stretch of the imagination.
This was my post from SomethingAwful, it was copied/pasted here. No idea who copied/pasted it. Rather than writing up a huge reply with more info, I'll link to another reply with more details on this same thread since…
We use AWS us-west-1, us-west-2 and Azure Fresno. Azure replaced Linode very quickly after the July incident.
I can't speak for the other folks that were compromised this way, but we decided to just cut our losses and move on at PagerDuty and spent the 30 days after the compromise migrating everything that was running there…
I think since multiple customers were hit by this and are presumably all putting pressure on them about it, their hand may have been forced.
If we presume the attackers had access to the system handling authorization, then the attackers introducing code to ship passwords offsite as users log in isn't really a stretch of the imagination.
This was my post from SomethingAwful, it was copied/pasted here. No idea who copied/pasted it. Rather than writing up a huge reply with more info, I'll link to another reply with more details on this same thread since…