Hey Linode how about addressing the claims that the private and public keys were... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		DigitalSea on April 16, 2013 \| parent \| context \| favorite \| on: Security incident update Hey Linode how about addressing the claims that the private and public keys were both stored in the same location on the compromised manager server. Is that true? And if so, why wasn't it revealed? Did they get access to any credit card information or was it truly just the last 4 digits used for lookup purposes? In my opinion these are the real questions us Linode customers want to know the answers to, sooner rather than later.

FiloSottile on April 16, 2013 | [–]

> Credit card numbers in our database are stored in encrypted format, using public and private key encryption. The private key is itself encrypted with passphrase encryption and the complex passphrase is not stored electronically.

cmelbye on April 16, 2013 | [–]

They did address that.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact