Join the community today
Register Now

OVH Allegedly "OVH KIMSUFI DATABASE [LEAKED]"

Discussion in 'Dedicated server hosting' started by SFLC, Feb 24, 2017.

  1. SFLC

    SFLC Active Member

    223
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    3:18 PM
    1
    10
    Hello everyone,

    I came across this paste titled "OVH KIMSUFI DATABASE [LEAKED]" on pastebin:

    OVH KIMSUFI DATABASE [LEAKED] - Pastebin.com

    I don't know if its legit or not, regardless I recommend that anyone that uses ovh or kimsufi to set up 2 factor auth if they're not doing so already.


    Of course, I'm not going to pay $30 to find out if I'm on this list or not, this will just enable/empower the bad people doing this.

    Again, I don't know if this is legit or not, but I'm in the process of sending this info to ovh so they can investigate it.
     
  2. eva2000

    eva2000 Administrator Staff Member

    55,247
    12,253
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,833
    Local Time:
    11:18 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Yeah better safe than sorry - change your passwords and enable 2FA !
     
  3. SFLC

    SFLC Active Member

    223
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    3:18 PM
    1
    10
    Reported to kimsufi, can't seem to find contact info for ovh, I don't technically have ovh so I can't login to report it, so maybe someone here that has ovh can let them know.
     
  4. Jimmy

    Jimmy Well-Known Member

    1,788
    390
    83
    Oct 24, 2015
    East Coast USA
    Ratings:
    +990
    Local Time:
    9:18 AM
    Not really seeing any other articles related to this which leads me to believe it's not legit. Probably just a money grab. Of course, I could be wrong. Doesn't cost anything to change a password or enable 2FA.
     
  5. SFLC

    SFLC Active Member

    223
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    3:18 PM
    1
    10
    Ya better to be safe than sorry, I was able to eventually report it to ovh as well, I'll post their response here.
     
  6. SFLC

    SFLC Active Member

    223
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    3:18 PM
    1
    10
    Kimsufi response:

    Dear Sir / Madam,

    Thank you for leting us know about this.
    We are checking if it is real threat or not and I will let you know once I will have any news about it.

    If there is anything else please do not hesitate to contact us.

    Kind Regards,
    Jan

    Kimsufi Customer Support
     
  7. SFLC

    SFLC Active Member

    223
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    3:18 PM
    1
    10
    Kimsufi:

    Dear Sir / Madam,

    So that leakis from 2015 and if was not about our services, but our forum database.
    So it is not real threat for us now.

    But still thank you for sending us that information.


    If there is anything else please do not hesitate to contact us.

    Kind Regards,
    Jan

    Kimsufi Customer Support
     
  8. rdan

    rdan Well-Known Member

    5,451
    1,412
    113
    May 25, 2014
    Ratings:
    +2,206
    Local Time:
    9:18 PM
    Mainline
    10.2
    As stated:
    It's coming from their VBulletin Forum.
     
  9. eva2000

    eva2000 Administrator Staff Member

    55,247
    12,253
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,833
    Local Time:
    11:18 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Ah so it was their forum database being leaked!
     
  10. SFLC

    SFLC Active Member

    223
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    3:18 PM
    1
    10
    Ya thats interesting, I don't have much experience running forums but I'm surprised someone was able to get at their database as they're not a small company. Then again for all we know it was a disgruntled employee.
     
  11. rdan

    rdan Well-Known Member

    5,451
    1,412
    113
    May 25, 2014
    Ratings:
    +2,206
    Local Time:
    9:18 PM
    Mainline
    10.2
    VB4 (used by OVH Forum) was known to have so many security exploit.
     
  12. SFLC

    SFLC Active Member

    223
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    3:18 PM
    1
    10
    Yet they continue to use it :blackeye:
     
  13. eva2000

    eva2000 Administrator Staff Member

    55,247
    12,253
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,833
    Local Time:
    11:18 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    OVH has history of not keeping their own stuff updated - their SSL server config was very bad for ages with SHA-1 certs, bad ssl cipher choices and vulnerable openssl version for a while for their forum install. So probably their forum version wasn't updated too.
     
  14. SFLC

    SFLC Active Member

    223
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    3:18 PM
    1
    10
    Last edited: Feb 26, 2017
  15. eva2000

    eva2000 Administrator Staff Member

    55,247
    12,253
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,833
    Local Time:
    11:18 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Yeah I am surprised they don't keep their web stack and SSL configurations in check !
     
  16. SFLC

    SFLC Active Member

    223
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    3:18 PM
    1
    10
    Ya, I've already decided before that I'm gonna move to hetzner.de, thanks @inthecloudblog, this kinda stuff from them isn't helping. Unfortunately I don't have the time to deal with a server move at the moment but as soon as I get a chance within the year I'm gone.
     
    Last edited: Feb 26, 2017
  17. inthecloudblog

    inthecloudblog Active Member

    199
    36
    28
    Jan 26, 2016
    Ratings:
    +83
    Local Time:
    10:18 AM
    1.4.6
    We hava TG ( Telegram) channel from LET and obviously most have LEB /Low End Boxes. One of the pals out there tried many providers ( mainly offline.net and OVH ) and he did not want to make use ( not sure why) of Hetzner ( that said he is/was not hosting nothing critical : Plex + Helping the Internet Archive).
    Once he tried it he was really glad he went into the server bidding and got some cheap box/es.

    I have 4 x 3770's and 1x 1270v3 and all of them work very good. I use them to help a project and since I use 90% of bandwidth down and they provide 1 gig in free I can't ask for something better as I've tried plenty of providers and asked for several quotes and I doubt someone can offer me a better product for 25-26Euros.

    For those doing hosting : check disks prior to do all your deployment. Some drives are very used . You can return the boxes if you are not happy with how they perform ( for free.. try not to abuse...)

    Their English support is excellent.
     
  18. Sametto Chan

    Sametto Chan Member

    37
    11
    8
    Feb 26, 2017
    Kepler-186F
    Ratings:
    +13
    Local Time:
    10:18 PM
    10.2.9
    @SFLC , Thanks for report! (y)

    OVH really isn't going to import the XenForo Software. But that sad it's been leaked is bad lucky.

    I changed password and TWO-Factor is enabled on my OVH Panel old account.
     
  19. SFLC

    SFLC Active Member

    223
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    3:18 PM
    1
    10
    Xenforo is in my opinion the best forum software I've ever used from the user perspective, last forum I ran myself was over 10 years and if I remember correctly it was phpbb. I'm not much into forums or other communities except this one #CentminmodForLife #LongLiveKingGeorge
     
  20. Sametto Chan

    Sametto Chan Member

    37
    11
    8
    Feb 26, 2017
    Kepler-186F
    Ratings:
    +13
    Local Time:
    10:18 PM
    10.2.9
    Indeed, I prefer XenForo 1.5.X More than 2.0, First i was use forum for XenForo and vBulletin, phpBB, IP.Board, SMF. I don't really remember account from 2009, I was young. Because i sign up for anime forum.