Server Issues Recap

SFC logo

Dear Small Farm Central customer,

Yesterday, around 11am EDT our main database was deleted. Within a few minutes, our server administrator was working to restore the database from the previous night's backup. This takes a few hours due to the large amount of data. During the restore process, the database was again deleted. At that point, our server administrator removed all remote access to the server and was able to restore the database successfully. We were completely back online by 4pm EDT.

We have determined the cause of the data loss: it was malware (in other words, a computer virus) that was deliberately installed on our server through a security vulnerability. 

We have closed this vulnerability and we are reviewing all of our security processes at this time to make sure there are not any more holes. We are consulting with our server administrator and security experts to make sure that we are following all security best practices going forward.

Since our database may have been accessed during this breach, your password that you use to access Small Farm Central may be accessible to the attackers. We have no reason to believe that the attackers would do anything to your site or figure it out because it would take some very determined work to get that far. It seems like the attacker was trying to extract a bitcoin ransom and had no interest in us specifically. 

To ensure that your website and data does not get accessed by an outside party, we are resetting all passwords and you will receive a password reset notification separately. Please click on the link contained in that password and create a unique password (not the same as your old password!).

If you don't get that email, you can request a password reset email at:
https://sfc.smallfarmcentral.com/forgotpassword

No credit card information of yours or your customers was accessed in this attack.

I personally apologize for the down time and this security vulnerability. I don't take it lightly that you trust me and my company to take care of your site and your data. This is my responsibility as the Founder of Small Farm Central and it hurts to see this kind of attack take place against the business that I have built over the last 10 years.

I will take some heart in the fact that our database administrator was able to restore everything relatively fast and that backups functioned as expected. There was minimal data loss and we have now have an opportunity to use this attack as a learning experience to improve the security and reliability of our service.

We will be reviewing everything over the next weeks and months to make sure this does not happen again.

Thank you for your patience and please let me know if you have any questions.

Sincerely,
Simon

-Simon Huntley
Founder, Small Farm Central

Login    Register
Please Login to post a comment     

Comments (0)