{
	"id": "665419e5-ad35-478a-8828-ed7bd35b98cb",
	"created_at": "2026-04-06T00:11:40.683432Z",
	"updated_at": "2026-04-10T03:21:59.360476Z",
	"deleted_at": null,
	"sha1_hash": "e064452735c82c3e6e8db7667f0fe6c76669086d",
	"title": "Code Hosting Service Shuts Down After Cyber Attack",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 60765,
	"plain_text": "Code Hosting Service Shuts Down After Cyber Attack\r\nBy Brian Prince\r\nPublished: 2014-06-20 · Archived: 2026-04-05 20:15:01 UTC\r\nA code hosting company has shut down following a cyber attack that erased much of its data, backups, machine\r\nconfigurations, and offsite backups.\r\nThe company states in a message on its homepage:\r\nCode Spaces will not be able to operate beyond this point, the cost of resolving this issue to date and the expected\r\ncost of refunding customers who have been left without the service they paid for will put Code Spaces in a\r\nirreversible position both financially and in terms of ongoing credibility.\r\nVisitors to the Code Spaces website are greeted with a lengthy outline of what happened. On Tuesday, the\r\ncompany explains, Code Spaces was hit by a distributed denial-of-service attack against its servers. Such attacks\r\nweren't uncommon. Unfortunately, this time it was just the beginning.\r\nThe unknown attacker was able to gain access to Code Spaces' Amazon EC2 control panel, and left a number of\r\nmessages for the company to contact them using a Hotmail address. Doing so yielded an extortion demand. When\r\nthe company realized the attacker had access to the EC2 control panel, further investigation revealed the person\r\nalso had access to the data in the company's systems, although no machine access occurred, because the intruder\r\ndid not have the private keys.\r\nThe company statement continues:\r\nAt this point we took action to take control back of our panel by changing passwords, however the intruder had\r\nprepared for this and had already created a number of backup logins to the panel and upon seeing us make the\r\nattempted recovery of the account he proceeded to randomly delete artifacts from the panel. We finally managed\r\nto get our panel access back but not before he had removed all EBS snapshots, S3 buckets, all AMI's, some EBS\r\ninstances and several machine instances.\r\nPatrick Thomas, security consultant for Neohapsis, calls the situation a \"nightmare scenario\" for cloud services\r\ncompanies:\r\nThis is a wakeup call to other organizations that have critical assets on cloud services. Two-factor authentication\r\nand detailed event monitoring and alerting are essential components of any cloud strategy.\r\nOffsite backups have been considered a necessary operating procedure for any sensitive data, but in the age of\r\ncloud infrastructure many organizations think that they can simply pass the buck on backups, getting their\r\ngeographic distribution and redundancy for free as part of going to the cloud. However, anything that's vulnerable\r\nto the same threats isn't fulfilling the original intent of offsite backups. Perhaps it makes more sense to start talking\r\nin terms of diversified backups, to emphasize the broad types of threats that a backup strategy must mitigate.\r\nhttps://www.darkreading.com/attacks-breaches/code-hosting-service-shuts-down-after-cyber-attack\r\nPage 1 of 2\n\nJim Reavis, chief executive officer of the Cloud Security Alliance, stresses that DDoS attacks and other malicious\r\nactivity have caused business outages and shutdowns before among companies using traditional IT, and that cloud\r\ncomputing itself was hardly a factor in exacerbating Code Spaces' demise. He told me in an email:\r\nCloud users of IaaS [infrastructure-as-a-service] like Code Spaces have significant responsibilities in\r\nimplementing security best practices to protect their system availability and proprietary information, as we have\r\noutlined in our security guidance and controls framework. At a high level, tenancy with a robust cloud computing\r\ninfrastructure should provide greater pipes to withstand DDoS attacks than a small business could afford.\r\nAbout the Author\r\nContributing Writer, Dark Reading\r\nBrian Prince is a freelance writer for a number of IT security-focused publications. Prior to becoming a freelance\r\nreporter, he worked at eWEEK for five years covering not only security, but also a variety of other subjects in the\r\ntech industry. Before that, he worked as a news reporter for the Asbury Park Press, and reported on everything\r\nfrom environmental issues to politics. He has a B.A. in journalism from American University.\r\nSource: https://www.darkreading.com/attacks-breaches/code-hosting-service-shuts-down-after-cyber-attack\r\nhttps://www.darkreading.com/attacks-breaches/code-hosting-service-shuts-down-after-cyber-attack\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://www.darkreading.com/attacks-breaches/code-hosting-service-shuts-down-after-cyber-attack"
	],
	"report_names": [
		"code-hosting-service-shuts-down-after-cyber-attack"
	],
	"threat_actors": [],
	"ts_created_at": 1775434300,
	"ts_updated_at": 1775791319,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/e064452735c82c3e6e8db7667f0fe6c76669086d.pdf",
		"text": "https://archive.orkl.eu/e064452735c82c3e6e8db7667f0fe6c76669086d.txt",
		"img": "https://archive.orkl.eu/e064452735c82c3e6e8db7667f0fe6c76669086d.jpg"
	}
}