When clients look to outside companies to secure and back up their data, they come in with the expectation that the company practices what it preaches. Unfortunately, marketing hype is not always the same as the actual service. In this case, the company was proudly marketing its “redundancy” and “multiple backups to off-site locations,” but the reality is that none of these services were in place to prevent one hacker from completely tearing down the system.
By gaining access to just the company’s Amazon EC2 account, the attacker permanently removed whole swaths of data – including customer information and backups. Now, with no credibility remaining and payouts to angry customers looming, there’s nothing left to do but shut down operations. If you were working with a company that specializes in security, and its security is lax, how angry would you be?
By Lucian Constantin
A code-hosting and project management services provider was forced to shut down operations indefinitely after a hacker broke into its cloud infrastructure and deleted customer data, including most of the company’s backups.
The customers of CodeSpaces.com, run by a company based in Wayne, New Jersey, called AbleBots, were informed Wednesday that their data might have been permanently lost following the compromise of the company’s account on Amazon’s Elastic Compute Cloud (EC2).
The devastating security breach happened over a span of 12 hours and initially started with a distributed denial-of-service attack followed by an attempt to extort money from the company.
The attacker also gained access to Code Spaces’ control panel on EC2 and deleted the company’s digital assets from Amazon’s infrastructure when the company tried to regain control of its account.
“We finally managed to get our panel access back but not before he had removed all EBS [Amazon Elastic Block Store] snapshots, S3 [Amazon Simple Storage Service] buckets, all AMI’s [Amazon Machine Images], some EBS instances and several machine instances,” Code Spaces said in an announcement on its website. “In summary, most of our data, backups, machine configurations and offsite backups were either partially or completely deleted.”
According to a cached version of the Code Spaces site, the company said that “more than 200 companies a week” used the service.