Just received this email from Media Temple:

Recently we witnessed some malicious activity on our (gs) Grid-Service platform where a hacker redirected some customer websites to a 3rd-party advertising website. This attacker appears to have illegally obtained some older customer data, which included usernames and passwords stored in clear text. Our newer systems now have this same data encrypted. An investigation into this illegal activity is ongoing, with full details forthcoming.

My reaction upon reading? “THEY FESSED UP! NOT MY FAULT! ”

Except they’ve only sort of fessed up. It’s not referenced on their blog or their status page, which sucks. They do have a KB article which describes the same attack my sites and some client sites experienced. Also, there’s Twitter, I guess. There better be a sweet espionage book deal out of this, and I want my name in it. 4pt font is fine.

They’ve reset the admin passwords on a bunch of my client’s accounts, yet no where in the emails do they tell me which account they’re referencing. Let’s play “Try the login!”

At least now when someone asks what happened I can say with confidence, “Don’t worry, it wasn’t my fault, it was the fault of the hosting company I recommended. Your invoice is due on Friday.”