West Coast Wine Network
Vineyards & Wineries
Promise Cabernet Sauvignon
Muscadine Wines
Three coins wine
Hooker wine
Another view from Chappellet
The view from Chappellet
Hooker Wines - Wine for Rugby lovers
Garnet Vineyards
Lawer Family Wines - Vineyard Estate Rentals in Calistoga
Chappellet Winery
March
Su M Tu W Th F Sa
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31
Topic Options
Rate This Topic
#389973 - 04-04-2019 19:30:20 We were hacked and lost 2 weeks of posts - IMPORTANT
R. Schiffman Offline
Chief bottle washer
Obsessed

Registered: 11-24-2004 17:08:53
Posts: 3051
Loc: Orem, UT
The short version. Our database server was hacked. The databases were deleted. Our only option ended up being a restore of the backup from when we switched machines two weeks ago.
We feel terrible about it.

The longer version. Our database has been connectable on the Internet for many years. We had some software that connected remotely. We've had a pretty good password. That said, there is apparently a cottage industry with well crafted hacking scripts for hacking MySQL databases. We were hit. We woke up to this message in the only table left in the database: "To recover your lost data : Send 0.055 BTC to our BitCoin Address and Contact us by eMail with your server IP Address or Domain Name and a Proof of Payment. Any eMail without your server IP Address or Domain Name and a Proof of Payment together will be ignored. Your File and DataBase is downloaded and backed up on our servers. If we dont (sic) receive your payment,we will delete your databases."

We love your new content, but we're not gambling that the $250 payment gets anything back.

As part of the new machine and setup, we receive eVault nightly back-ups of the databases. We should have been all ready to go -- except that there has been a lot of changes going on with our hosting provider and the eVault backups weren't going yet.

So, at this point in time. The eVault backups are going in, but in the meantime, we have enough disk now to do a rotating month of backups locally. I've got that started. We've closed the external access hole, so the DB is not accessible on the Net anymore.

Thanks for your patience -- as if you had a choice.


Edited by R. Schiffman (04-04-2019 19:32:38)

Top
#389983 - 04-11-2019 15:47:50 Sorry, we got re-hacked again [Re: R. Schiffman]
Brad Harrington Offline

Owner
Elvis Has Entered the Building!

Registered: 12-12-2000 08:00:00
Posts: 13965
Loc: La Jolla, San Diego, CA
We didn't have the site tightened down quite enough. We made sure that there were no areas that could be manually exploited with the old password and had to go back to a version of the site that was before the hacking began.

We have gone a few days now without a third incident, so I believe we stopped them. I know it is probably frustrating but I do believe we are good now.

Top


Misc. Stuff
Muscadine winegrapes
Muscadine wine collection
2010 Garnet Pinot Noir - Rodgers Creek Vineyard
Promise Wine
Dom Perignon
Chappellet Wine
Lawer Family Three Coins Wine
13 Blackbirds
Old Wine
2009 HdR Last Seminar
Newest Members
Jplotty, mws941, Emily, samishra, PippoMura
1693 Registered Users
Top Posters
Brad Harrington 13965
JFO 13065
TomHill 12126
Marshall Manning 10482
Florida Jim 7733
David Andreozzi 7157
blil 6251
Marc Hanes 5639
BEB 5444
Dave Dyroff 4867