Fasthosts, “the UK’s number 1 web host”, has fired off emergency emails telling customers to change all their passwords after police were called in to investigate a major data breach.
We’ve asked Fasthosts why the passwords were not encrypted in the first place. It said: “Historically, Internet companies have rarely encrypted passwords to aid customer service.”
Hmm…. “aid customer service”? Not sure that rings true. Particularly when someone breaks into your systems and gains access to your customer database. If the passwords were encrypted then they would still be secret.
Of course, there are many other good reasons for not using Fasthosts.
If I had any sites hosted with them, I’d be moving them away very quickly right now.
Update: From the Register’s discussion on this story:
Any developer worth his salt wouldn’t make such a hash of this.
Nice bit of geek humour.