A Small Orange, my host, went into complete meltdown over the past day or so. It apparently started when one of it's employees had some kind of keylogging virus on his home computer, and logged in to manage the servers from his home computer. In doing so, his password got into the hands of some hackerzoidz.

The user account was then used to completely wipe servers at A Small Orange with names A~D, and added a page instructing users visiting any of the websites hosted there to get a "web accelerator" because they'd gone over their bandwidth. That page linked to a Windows virus, and was displayed for about 30 minutes before it was caught by ASO staff.

So that was fun. My server was hit, (it's called Amelia) and was one of the last to be restored due to Apache crashing using the most recent backup.

I'm not sure what I think of this - my opinion of A Small Orange hasn't changed. I like the way they dealt with the problem using an up to date forum thread, and were open about it. They emailed all of their customers - not just the ones affected with information about what happened.

I'm also glad to see they're adding new security methods, but I'm a little surprised that a service of that magnitude didn't have them in place to start with.