|
|
|
|
|
|
by aen0
4805 days ago
|
|
|
OVH just confirmed, they were compromised. http://forum.ovh.com/showthread.php?t=88277 (in french). Nutshell:
- attacker brute forced the unique ID used in the reset URL
- they could do it because the unique ID was not random enough
- they analysed 3 years worth of logs (still ongoing to 10) and concluded that only 3 clients (all bitcoin related) were affected. |
|
|