Security Breached. what do i need to do?
So one of my Hosting DA panel got hack.
My 30++ years old "i-got-hacked" cherry has been popped.
It is only sending Spam emails on a few accounts.
All of the password are >20-key generated.
As this is my first, I'm unsure nature of the breach and what i need to do.
I have check a few sites (i.e haveibeenpwn) for breaches, but found none
As a precaution i have:
- Suspended the DA user account and server for a day. (i control both user and reseller account)
- Change all user password in the domain.
- Change SSL (after i unsuspend later)
- Notify the provider of the breach
So do i need to do anything else?
How do i know if its a simple password breach or much worse?
changed the title to reflect nature of the breach
Found the offending pc. office user brought their laptop to a 3rd party services during the weekend.
so far seems to be a spambot, scanned all the other check the entire office pc seems good.
wasted entire day