Jump to content

Recommended Posts

  • Solution
Posted

So...  let's pause here for a moment to consider a few things:

  • This does not appear to be an IPS problem.  It appears to be the problem of a specific 3rd party resource provider. 
  • This does not appear to be impacting a large swath of IPS customers, so this would seem to suggest this was not an exploit in the IPS software itself.  
  • The domain does NOT appear to be hosted by IPS cloud.  It's pointed to Hivelocity. 
    • If the domain is supposed to be hosted by IPS, that means the DNS for the domain was hijacked.  (Not an IPS issue.)
    • The domain is not using IPS' name servers...  they're using the default Namecheap registrar name servers.  (This leads me to believe the site is self-hosted)
    • If the domain is supposed to be self-hosted, it looks like the self-hosted web hosting account or their server/VPS, is hijacked or that the compromise happened by some other means (either weak 3rd party resources, other non-IPS software running on the site, etc.)
  • No one except the site owner (the 3rd party resource author) can say exactly what happened with their site and if any data was compromised.  By default, things like credit card and password information is encrypted by the IPB software.  

You might want to reach out to that provider directly for assistance as IPS itself cannot do anything in this case.  

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...