Twitter, Spotify and other sites suffer outage after cyber attack

Internet infrastructure provider Dyn says mainly US users impacted by disruption

Access to services such as Spotify was limited after the cyber attack

Access to services such as Spotify was limited after the cyber attack

Some major internet companies suffered service disruptions on Friday due to what internet infrastructure provider Dyn said was a cyber attack that affected some sites, mainly for users on the US east coast.

Some US internet users had trouble accessing sites including microblogging site Twitter, music streaming service Spotify, discussion site Reddit and news site Vox, but others found the sites accessible in Europe or via mobile phones.

Amazon’s web services unit said on its site that it had identified the root cause of the issue and was working to resolve it.

“Customers may experience failures indicating ‘hostname unknown’ or ‘unknown host exception’ when attempting to resolve the hostnames for AWS services and EC2 instances,” Amazon said in the announcement on its site.

Dyn said what it described as an “attack” was mainly affecting the East Coast and that its engineers were working on it.

The outages happened as hackers launched a large distributed denial of service (DDoS) attack on Dyn’s servers, tech news site Gizmodo reported.

An FBI representative said she had no immediate comment on the outages.

Dyn is a Manchester, New Hampshire-based provider of Internet infrastructure services, including managing DNS activity that connects a user to a website’s servers.

Dyn’s website says customers include some of the world’s biggest corporations and Internet firms: Pfizer, Visa, Netflix and Twitter, SoundCloud and BT.

A company representative could not immediately be reached to clarify Dyn’s statement, made via Twitter, on the outages.

Reuters

Heard about ‘Heartbleed’? Check your security…

LatPass

LastPass Now Checks If Your Sites Are Affected by Heartbleed

Yesterday we informed our community of the Heartbleed OpenSSL bug. In our blog post, we explained how this security issue impacted our service and what our users should know about the situation. We also built a tool to help our users start checking to see if their sites and services had reissued their certificates, so that users would know if it was safe to start updating passwords for those sites: https://lastpass.com/heartbleed

To help our users take action and protect themselves in the wake of Heartbleed, we’ve added a feature to our Security Check tool. LastPass users can now run the LastPass Security Check to automatically see if any of their stored sites and services were 1) Affected by Heartbleed, and 2) Should update their passwords for those accounts at this time.

The LastPass Security Check can be run from the LastPass Icon menu. Click the LastPass icon in the browser toolbar, click the Tools menu, and select the Security Check.

In the Security Check results, we alert you to sites affected by Heartbleed:

We will continue to update the Security Check recommendations based on which sites we have seen take action and where it is safe to update your passwords. We’ll monitor the situation in general and keep our community posted.

If you’re not using LastPass yet, now is the time to get started with organizing and managing your passwords, and use our tools to generate new passwords for your online accounts.

Update: April 10th, 2:29PM ET

Many users are still concerned about what the Heartbleed situation means for their LastPass master passwords. To further clarify, we do not see a need at this time for existing LastPass users to update their master passwords. That said, if you would prefer to, there is no harm in doing so. We continue to update our LastPass Security Check tool to provide you the latest information regarding potentially-impacted sites. Thanks to our community for the feedback and input.

Read more on LastPass, how it is awesome, free and more on their blog about this security issue…