Dear Voxel Customer, Yesterday Voxel experienced a series of sophisticated attacks against specific portal tools that we use to support and manage thousands of servers for our customers. While we managed to detect this attack relatively quickly, we are still doing a complete and thorough investigation, something that is ongoing at this time. We are concerned because certain server passwords are stored in these tools. In the meantime, in typical Voxel 'open and transparent' manner, we are reaching out to customers to loop them in on what is going on and what we are doing to resolve the situation: Firstly, in the interests of maintaining security for all customer servers, we have instituted a 'lock down' on our network, and have blocked SSH and console access to your server from the Internet at large. We have also restricted access to our customer portal while we continue our investigation. We realize that these are extreme measures, but do feel that it is the right decision at this time while we determine the exact impact of the attack. Please note that this 'lock down' does not impact your web sites at all. If you need to remove the 'lock down', simply contact us at support@voxel.net and we'll do so on a case by case basis after verifying the integrity of your authentication methods. Secondly, over the last several months, Voxel has been discussing how we handle server passwords in general. We had come to the conclusion that while a single factor (i.e. just a password) for server access is common across our industry, it is woefully inadequate for your needs. It is plainly unacceptable that a single password (whether due to a weak password, an airport kiosk that was running spyware, a malicious ex-employee, or an incident like this) has the potential to wreak such havoc. With this specific attack in mind, we are fast-tracking plans to implement 'two factor' authentication at no cost to you. We expect these plans to be fully implemented and ready for use within just 1 week. We will be keeping you up to date with details of this attack and our transition to 2 factor authentication, as they become available. Voxel is here to help, and we are committed to the continued availability of your mission critical Internet applications. In the meantime, should you have any questions or concerns, please do not hesitate to contact our support department, available 24x7x365 at support@voxel.net or +1-212-812-4190; or email me personally at dutt@voxel.net. Best Regards, Raj Dutt founder/CEO Voxel dot Net Inc.