Printed from http://www.electronista.com

Code Spaces shuts down after Amazon-hosted customer data obliterated

updated 07:19 pm EDT, Wed June 18, 2014

Hosting company returning what data it has, left financially crippled by attack

What started as a denial-of-service-attack (DDOS) has resulted in critical loss of data for code-hosting company Code Spaces yesterday. Code Spaces has decided to throw in the towel when someone deleted the majority of customer data after gaining access to the company's Amazon Web Services (AWS) account. The company, which was left compromised and unable to restore data, made the decision to completely shut down.

Code Spaces had previously offered hosting services that were noted as being a source of security whenever a catastrophic event occurred. The company claimed to be host of over 200 companies for "rock solid, redundant and highly available" code hosting and project management. Uptime was said to be guaranteed at 99 percent, with data centers on three continents.

The ordeal initially began with a DDOS, but was later found out to be to someone extorting the company. Cloud Secure found that an attacker -- who the company believes is neither a current or former employee -- then left messages in the Amazon EC2 control panel to be contacted. Realizing that someone had access, employees sprung to action while contacting the person at the Hotmail address.

While researching how its system could be accessed, Cloud Secure ruled out machine access, since the attacker didn't have the private keys. Attempts were made to regain the control panel, only to find that the attacker had created backup logins. Once the attacker found out that control was being wrested away, he or she began deleting random items, according to Cloud Secure.

A large swath of data was a the casualty, as the unknown intruder permanently destroyed Apache Subversion repositories, some of Amazon's Elastic Block Store (EBS) volumes, all EBS snapshots, S3 buckets and several machine instances. The result was that Code Spaces wasn't able to live up to its hosting and backup promises.

Control was eventually restored to the team at Code Spaces, but the damage had already been done. In the company's statement, no mention is made of the backup copies at "multiple offsite locations" the company claims are made with every data change.

"Code Spaces will not be able to operate beyond this point," said a note on the company's website. "The cost of resolving this issue to date, and the expected cost of refunding customers who have been left without the service they paid for, will put Code Spaces in an irreversible position both financially and in terms of ongoing credibility."

The message was available for a short time until the company's website was pulled offline. A cached copy is still available from Google.

In the course of 12 hours, Cloud Spaces went from a company that dealt with common DDOS attacks and offered backup confidence to being completely ruined. Cloud Spaces management is now sifting through the remaining data and working with customers to export what remains.

"All that we can say at this point is how sorry we are to both our customers and to the people who make a living at Code Spaces for the chain of events that led us here."



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

JBL Synchros E40BT headphones

For all the different configurations of headphones on the market, it's always a tough choice for buyers to get something that is just ...

Razer Taipan mouse

The list of gaming devices is growing larger with each passing day. A large number of companies have entered the gaming input arena, a ...

Cambridge Audio DacMagic XS

Every computer with a microphone or headphone port has one -- a digital to analog converter (DAC). There are nearly as many chipsets a ...

Sponsor

toggle

Most Commented

 
toggle

Popular News