and I awoke at 4:30am to reboot a server. Rebooting a server isn’t often my job but I had left this one defragmenting over night and wanted to make sure that it got a fresh reboot before the work week began. I planned to be awake for 5 minutes then go back to sleep. But I took a peak at the email and discovered that Third Tier’s website was down. Not just down but down hard. Someone got in and deleted files. Yes, our website got hacked. Our website includes our FTP and Blog as well. It’s all one big interwoven system.
For those that attempted to look up someone on our blog or visit our website that day, I’m sorry. For those that were attempting to use our support portal and found it horribly slow and sometimes up with out-of-memory errors, I’m sorry for that too. This thing took a toll.
Was this random? Was it targeted? Well no one sent me a ransom note so I’m going to assume that it was random. I am getting a whole lot of those spam emails with voicemails, shipping receipts and fake IRS notices sent to me this week. Perhaps it was retaliation for shutting down a forum site that we hosted. The timing is certainly perfect to draw that correlation. A few days prior I discovered that a test forum that Eriq set up years ago was still running. Looking to reclaim some needed resources on our server, I removed it. My thoughts on this hack are that elevated credentials may have been obtained through that software. The forum was an experiment. Eriq wanted to host a forum. I didn’t want to host a forum. (such was a nature of our partnership) He attempted to convince me by setting one up for demo. I still wasn’t convinced that we needed to get into forum hosting and the forum went away. Or so I thought. Little did I know it was still lurking out there waiting to cause a problems.
So here’s the moral to the story I guess: Don’t leave your experiments running! If Eriq were still with us today I’d chide him about this and he would be apologetic and would have been in charge of getting things back up and running again. Instead it was me and I hired this guy to get wordpress running again on our server so I could rebuild. So like a phoenix rising from the fire, behold the new website.
I still have some tweaking to do.