The cloud service provider, 365 Data Centers, has confirmed they have been hit by a security incident. There isn’t much in the news yet, and probably won’t be, until things are restored as I’ve heard that several government agencies are involved. Their website is also down — ironically we host that for them too.
365 stated that unauthorized access into their cloud regions did in fact occur and has prevented 365 systems engineers from accessing many components of the cloud systems including certain management tools.
365 has not found any evidence that any customer data has been accessed. They assured us that the data and systems operating in our cloud environment are encrypted and secure.
The cloud team and third-party cyber experts have been working around the clock to conclude their investigation and provide their determination the cloud environment is ready to be restored.
During the last two days, we implemented the failover landing page. Please review the content on your landing page and if you would like it updated to include a personalized message, links to your scheduling systems or appointment calendars, or email list signup please email us at [email protected] with your request. We will prioritize updating those pages for you. If we missed your site — I’m so sorry. Please let us know and we will get to that first.
This landing page system is something we spent the last few days building as a response to ensuring that all our websites let Google and other bots know we are “temporarily offline” and not gone. In the future, we intend to use this system as a third location to store daily backups of your site. Our goal is to enable Mai Hosting customers to log in anytime and download a copy of the daily backup of your website. We also intend to support Mai Solution customers in the second phase.
Now that this landing page system is in place for everyone to use, we can start working on requests to reload sites if you have a Sucuri or JetPack VaultPress backup. Please send that request to [email protected] Do not include any login or confidential information in the email. We will contact you directly.
We have always run daily backups of both sites and databases and have validated they worked by restoring sites for customers when a plugin of theirs was hacked or they accidentally deleted something.
The 365 incident has hit multiple data centers and has prevented us from accessing those backups. I continue to check in with my contacts at 365 via phone and text every couple of hours about the status of our backups and our VPDC (virtual private data center). I have direct communication with their CTO and the SR VP of Sales.
I have heartache when typing these updates because I don’t have any new news — they are still conducting their investigation. I can’t begin to imagine how much data they have to analyze — as our data center alone has huge piles of data.
I’m expecting another announcement from them today, but the longer I wait for it the longer it takes for this to reach you. I will work harder to send two emails a day starting tomorrow even if the news is no new news.
As always, my cell phone is on if you need to talk with me. You can reply to this email with your cell number and I will add you to my callbacks.