Jump to content

Supplier hacked

Not Win

By Not Win
in Technical Problems

 Share
Go to solution Solved by Randy Calvert,

Recommended Posts

  • Solution
Randy Calvert Grand Master

Randy Calvert

Posted
  • Solution
Posted

So...  let's pause here for a moment to consider a few things:

  • This does not appear to be an IPS problem.  It appears to be the problem of a specific 3rd party resource provider. 
  • This does not appear to be impacting a large swath of IPS customers, so this would seem to suggest this was not an exploit in the IPS software itself.  
  • The domain does NOT appear to be hosted by IPS cloud.  It's pointed to Hivelocity. 
    • If the domain is supposed to be hosted by IPS, that means the DNS for the domain was hijacked.  (Not an IPS issue.)
    • The domain is not using IPS' name servers...  they're using the default Namecheap registrar name servers.  (This leads me to believe the site is self-hosted)
    • If the domain is supposed to be self-hosted, it looks like the self-hosted web hosting account or their server/VPS, is hijacked or that the compromise happened by some other means (either weak 3rd party resources, other non-IPS software running on the site, etc.)
  • No one except the site owner (the 3rd party resource author) can say exactly what happened with their site and if any data was compromised.  By default, things like credit card and password information is encrypted by the IPB software.  

You might want to reach out to that provider directly for assistance as IPS itself cannot do anything in this case.  

Link to comment
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...