On Saturday, September 11th, Open Diary was attacked by hacker(s) who attempted to delete the database that holds our diary writing. The initial attack by these people was successful, and they managed to remove the current set of data files from our servers.
We are currently working to restore all of the lost data, and have a reasonable expectation that we will be able to do so. We were lucky in that the server shut down following the attack, and much of the “erased” information should still be preserved on the disk drives.
Since Saturday, we have been working to bring this data back, but it has become apparent that this task will require several days. I do not want to leave the site offline for any more time than necessary, so I have decided to put Open Diary back in service while the restoration effort continues. To get back into service, we have reverted to a backup copies of our data, which were made in July and August. This means several things:
In the meantime, please use your diary as you normally would. I’ve set the software so that you can write new entries and new notes, and when the restored data comes back it can be integrated back into your diary. You will notice that the “entrycode” number of entries written after today will start with a “2”. This is so that there will be space allocated between the old entries and new entries you create after today.
Obviously, there is great concern about the ability of somebody to be able to commit this sort of attack, and the possibility of it happening again in the future. Our sysadmins are working to determine how this attack occurred, and additional security measures have already been put in place on our servers. These security measures will be expensive, and shouldn’t be necessary on a journaling site (they are more appropriate for an online bank) – but I will do whatever is necessary to secure our data against future attacks.
I am working with the FBI to provide them with all of the necessary information about this attack. Their computer crimes division is the best in the world, and I expect that they will be able to capture the person(s) responsible for this attack. This sort of attack is a federal crime (committed across state lines), and carries a penalty of serious jail time. If the person(s) responsible are apprehended, I can assure you that they will be prosecuted to the maximum amount allowed under the law.
It is the FBI’s opinion that the suspect(s) are people who are past or current users of the site, since they demonstrated some knowledge of how the site works. If that is the case, I believe that somebody in our user community may know something about the attack.
In conjunction with the FBI’s investigation, I am offering a $10,000 reward for information leading to the successful prosecution and conviction of the person(s) responsible for this crime. Information and tips can be sent directly to me at this address: firstname.lastname@example.org, or to the FBI field office in Newark, New Jersey.
Our community of users is the most important part of Open Diary – this place wouldn’t exist without all of you. I want to thank each of you for your patience in this difficult time.
I will post more later, but must spend the rest of today testing the site to ensure that it is running properly.
ADDED LATER: Be assured, if you have paid for an OD Plus subscription, you will be credited for the time that the site was offline. It will take a couple of days to bring the subscriptions up-to-date, but they will be straightened out.