The following email has been sent to all users:
Dear Linode customer,
Linode administrators have discovered and blocked suspicious activity on the Linode network. This activity appears to have been a coordinated attempt to access the account of one of our customers. This customer is aware of this activity and we have determined its extent and impact. We have found no evidence that any Linode data of any other customer was accessed. In addition, we have found no evidence that payment information of any customer was accessed.
We have been advised that law enforcement officials are aware of the intrusion into this customer’s systems. We have implemented all appropriate measures to provide the maximum amount of protection to our customers. Out of an abundance of caution, however, we have decided to implement a Linode Manager password reset. In so doing, we have immediately expired all current passwords. You will be prompted to create a new password the next time that you log into the Linode Manager. We also recommend changing your LISH passwords and, if applicable, regenerating your API key.
The following represent best practices in creating new passwords:
- Avoid using simple passwords based on dictionary words
- Never use the same password on multiple sites or services
- Never click on ‘reset password’ requests in unsolicited emails – instead go directly to the service
We apologize for the inconvenience. If you have any questions, please do not hesitate to contact our support team at firstname.lastname@example.org.
Filed under: announcements by sclemens