Dedicated hosting company Layered Technologies is advising customers to reset account logins after an incident Monday night in which hackers were able to access a client support database. Layered Tech said it doesn't believe that any customer credit card numbers were compromised, but is nonetheless advising customers to change the login credentials on all their servers and underlying services created in the past two years, including webmail, SSH access, MySQL databases and cPanel reseller control panels.
"The Layered Technologies support database was a target of malicious activity on the evening of 9/17/2007 that may have involved the illegal downloading of information such as names, addresses, phone numbers, email addresses and server login details for 5 to 6,000 of our clients," company president Todd Abrams wrote to customers. "Layered Technologies responded immediately to this specific incident by conducting a comprehensive security audit of internal processes and procedures."
The crackers attacked Layered Tech's system through the Cerberus Helpdesk application, according to The Register, which noted that the application has had a number of security vulnerabilities. Last year at this time, hackers used a security hole in the cPanel control panel application to commandeer servers at HostGator.