Regarding the question if the entire HeatWare database was compromised. Obviously, I have no way to guarantee this but I am very confident that this was not the case. Heatware resides on a dedicated server that only myself and the hosting provider has access to. All OS packages and dependencies are kept up-to-date to limit vulnerabilities. Security scans and Firewalls are in place. I've reviewed server access logs and do not see ANY recent logins to the shell. We use a very reputable host with an outstanding track record - hence the high hosting cost and dependence on member donations to keep the site running.
I have reviewed the failed login attempts from the last few days. I am seeing a few dozen total failed login attempts, not hundreds or thousands that you may expect during an attack. For the breached accounts listed above, it appears the first attempt was successful....
I have reviewed the failed login attempts from the last few days. I am seeing a few dozen total failed login attempts, not hundreds or thousands that you may expect during an attack. For the breached accounts listed above, it appears the first attempt was successful....