AAPL Stock: 118.88 ( + 1.13 )

Printed from

Code Spaces shuts down after Amazon-hosted customer data obliterated

updated 07:19 pm EDT, Wed June 18, 2014

Hosting company returning what data it has, left financially crippled by attack

What started as a denial-of-service-attack (DDOS) has resulted in critical loss of data for code-hosting company Code Spaces yesterday. Code Spaces has decided to throw in the towel when someone deleted the majority of customer data after gaining access to the company's Amazon Web Services (AWS) account. The company, which was left compromised and unable to restore data, made the decision to completely shut down.

Code Spaces had previously offered hosting services that were noted as being a source of security whenever a catastrophic event occurred. The company claimed to be host of over 200 companies for "rock solid, redundant and highly available" code hosting and project management. Uptime was said to be guaranteed at 99 percent, with data centers on three continents.

The ordeal initially began with a DDOS, but was later found out to be to someone extorting the company. Cloud Secure found that an attacker -- who the company believes is neither a current or former employee -- then left messages in the Amazon EC2 control panel to be contacted. Realizing that someone had access, employees sprung to action while contacting the person at the Hotmail address.

While researching how its system could be accessed, Cloud Secure ruled out machine access, since the attacker didn't have the private keys. Attempts were made to regain the control panel, only to find that the attacker had created backup logins. Once the attacker found out that control was being wrested away, he or she began deleting random items, according to Cloud Secure.

A large swath of data was a the casualty, as the unknown intruder permanently destroyed Apache Subversion repositories, some of Amazon's Elastic Block Store (EBS) volumes, all EBS snapshots, S3 buckets and several machine instances. The result was that Code Spaces wasn't able to live up to its hosting and backup promises.

Control was eventually restored to the team at Code Spaces, but the damage had already been done. In the company's statement, no mention is made of the backup copies at "multiple offsite locations" the company claims are made with every data change.

"Code Spaces will not be able to operate beyond this point," said a note on the company's website. "The cost of resolving this issue to date, and the expected cost of refunding customers who have been left without the service they paid for, will put Code Spaces in an irreversible position both financially and in terms of ongoing credibility."

The message was available for a short time until the company's website was pulled offline. A cached copy is still available from Google.

In the course of 12 hours, Cloud Spaces went from a company that dealt with common DDOS attacks and offered backup confidence to being completely ruined. Cloud Spaces management is now sifting through the remaining data and working with customers to export what remains.

"All that we can say at this point is how sorry we are to both our customers and to the people who make a living at Code Spaces for the chain of events that led us here."

by MacNN Staff



Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented