21 Comments

  1. Ryan Hellyer

    From their announcement post, it sounds like the passwords were adequately hashed, so the only accounts compromised were likely those with very weak passwords.

    Perhaps the DDOS attack is merely a way to distract Linode from finding the compromised accounts.

    https://blog.linode.com/

    Report

  2. Marcelo

    They should use CloudFlare hahaha

    Report

  3. David

    In Glassdoor, multiple employees from Linode said they were told by management to lie to customers about security breaches: https://www.glassdoor.com/Reviews/Linode-Reviews-E617687.htm?sort.sortType=RD&sort.ascending=true&filter.employmentStatus=REGULAR&filter.employmentStatus=PART_TIME&filter.employmentStatus=UNKNOWN

    Report

  4. Eric J

    It sounds like Linode has some sort of NDA with WPengine and PagerDuty.

    Report

  5. Chris Cree

    My own WP Engine account was moved from Linode’s troubled Atlanta data center to another provider in another part of the country this week. I’m grateful that WP Engine took decisive steps to make my hosting life easier moving forward.

    Report

    • sarah

      Who is the new provider?

      Report

    • Toby

      This sounds like a good move for wpE. Many sysadmins I’ve worked with have been running from Linode since 2014 for various reasons — security near the top of them but lack of communications and trust rank higher.

      Report

    • Jason

      Same with us. However we manage over 50 clients’ hosting. They spent a month convincing us that these new Linode servers were top of the line, fast-loading, reliable. After over 24 man-hours we finally got all of the A Records switched over to Linode on Christmas Eve. Literally within hours, the DDoS attacks began, and WPEngine began migrating people *away* from Linode! To RackSpace – the server they had urged us to migrate away from in the first place! It’s not WPE’s fault; they’re only trying to select the best hosting option for their customers. But still, this scenario has been extremely unfortunate and has resulted in 100’s of hours of combined downtime for our clients, and I have the half-empty bottle of Aspirin to prove it.

      Report

  6. skyshab

    So I had been planning on trying out WPengine, and I finally gave it a shot. Moved my two most important sites over. The next day, all this business started.

    lol, talk about bad timing!

    I’m hanging in there. They moved my stuff to a different datacenter, and so far so good.

    Report

    • Michael M.

      I got a free personal trial from WP Engine years ago at a WordCamp and I’ve been using them ever since. As the article mentioned, no host is immune to attacks and I’ve always been very happy with WPE’s service, support, and features. I’ve got close to 50 clients with them now so the last week has definitely been difficult (most setting expectations with those clients) but it’s really the only noticeable downtime in the 3+ years I’ve been a customer.

      Report

  7. Ryan Hellyer

    All of my personal sites are hosted with Linode. My uptime for the past month is over 99%. That compares with around 99.99% for most months.

    Report

  8. Dave

    I have been with Linode for years with multiple sites. However, as of yesterday I have canceled my account with them for good. The only reason that I found out about all this was happening was reading posts on other sites. I never received one single notification from linode… I can excuse a lot but this lack of communication I cannot let go. So good bye Linode… Hope other companies learn from this and the importance of customer communication.

    Report

  9. Chris McCoy

    since wpengine uses linode then of course it would make sense about the breach

    Report

Comments are closed.

%d bloggers like this: