I only run a small local forum and fasthosts have caused nothing but problems over the last year or so. First of all I lost all my content (luckily it was backed up to my home PC). A few months went by and then my SQL server just upped and left, it appears it had enough of fasthosts. Then I went to login this morning and it appears that my SQL database has shat itself as my site is showing nothing but SQL errors :(

This is bad enough for someone like myself running a simple forum, imagine the hassle people must have trying to make a living on the back of all this!

Not sure what is more amusing... people not changing passwords when they've been given notice fasthosts has been ransacked or people using fasthosts for mission critical websites......

I have just been charged a late payment fee!!! They are ignoring all the recent fuss over credit cards and bank charges and if you don't pay within 7 days of your hosting expiring they charge you £20 +VAT!! P.S. They don't tell you about the charge until your renew, in a kind of thank you for your repeat business charge!!

I offer my thanks to Fasthosts for this - I have been debating for a while (since the last debacle) whether or not to move to a different hosting company for me & my clients.

Fasthosts by again showing their excellent customer service have made up my mind for me.

Just packing my bags now.

I have two Fasthosts accounts and as I have my websites generated by WordPress, then the major MySQL database password reset brought both sites down and I was also banned from accessing both FTP accounts.

I changed all my control panel, FTP, MySQL and email passwords on the 18th October when the security breach came to light. Yet, I was still barred from access last night.

Fasthosts is hiding something here, as why would they disable/change my already changed passwords. A second security breach maybe?

Honesty is the best policy here. Own up Fasthosts if there is a second breach.

Also, if user's FTP accounts were breached, the hackers could easily upload sniffer programs to users FTP directories. Fasthosts have never warned the users to look out for suspicious files.

Oh, am I the only one that can't do any work because our websites down?

I have used FastHosts dedicated Linux server in the past, until it was hacked, through a (as it later turned out) a well known vulnerability that was not patched, and all the websites on it were defaced.

That was enough for me to buy my own Dell server, and host it in a professional data centre for £100 per month. Now that I, and only I have complete control over my own server, knock on wood, I have not been hacked in 5 years! All you need is to close all ports except the ports that you need, apply all the patches, and disable all, but critical services.

P.S. and having your own server means that you can do whatever you want with DNS, email servers, etc – something hosters will not (or be unable to) do.

This is not the 1st time that fast host has pulled this trick. I had my clients screaming at me for not being able to access their emails or their bookings( on hosted database), in one case is a private car operator who rely on the database hosted on Fasthosts to manage their bookings - I do not believe he will be staying with Fasthosts for much longer along with many of my other clients.

I'm a Fasthosts customer, for my sins, and had previously been through my account and changed all the passwords following their cock-up. Despite this, I come to check on my site this morning and lo and behold, it's dead in the water courtesy of the database passwords having been changed.

Curiously, this and the FTP account seem to be the only logins affected as the details for logging onto the control panel haven't been reset. Which seems a bit daft.I wouldn't mind but, as I'm sure others will attest, there was no warning, it just happened.

Great - fantastic, they've reset my Control Panel, FTP and SQL passwords (which also takes down my website) with the mail set to go in 10 days... no need to panic though as they're sending a new password via Post...

... which is nice as I'm working in Hungary for a year and post forwarding takes 4 weeks... if you're lucky.

Tried calling them, but that's not happening. Maybe I should have paid attention to the first email... what a shitter.

What a total farce. The person that instigated this change and the timing of it should be sacked along with the person that thought they were competent enough to be given the job. I have 4 fasthosts accounts and so am affected in many areas - web sites down, passwords for email not working, unable to manage domain registrations.

The email says that a SMALL number of clients' FTP areas were compromised so fasthosts have shutdown a large number of their clients sites. This is worse than being hacked because I now just have to wait for the post. I can't call them because their phone lines must be overwhelmed.

I have already wasted time dealing with support calls as a result of these changes and now I need to invest time in finding a replacement provider and transferring over 100 domains since I cannot trust Fasthosts - not the fact that they had a breach but their poor judgement on how best to resolve it.

The key point here is that they did NOT give notice of this emergency password reset. They just did it. And now you cannot use the new details to access the FTP, because the FTP servers do not allow connections.

I only have a couple of clients site's on Fasthosts, I keep my eggs in different baskets, resold to me by a third party, so I was completely unaware that a password change was required, and it turns out that this wouldn't have helped anyway, as even those who DID change their passwords got them changed AGAIN last night.

On a different matter, the article posted on the 30th of November talks of email passwords changing on the 9/10 November, was that a typo? Should it say 9/10 of December?

I changed our passwords after the original intrusion. As a result they were not affected by this forced change. The only problem we've had in three years is a faulty drive controller.

We received an email at 22:27 yesterday evening (Thursday 29/11/2007) informing us that all of our Control Panel, FTP and SQL passwords had been changed, effectively disabling all of our database driven websites and locking us out of every single website that we have hosted with them (approximately 200).

A little bit of warning would have been appreciated. As it is we are now an internet company with absolutely no control over 50% of our business because someone at Fasthosts thought it would be acceptable to reset every single password without notice and then send the master password via Royal Mail on a Thursday/Friday. Needless to say that on Friday morning, this master password has not yet arrived!

I can safely say that we will be removing all services currently hosted with Fasthosts within the very near future (or at least as soon as we can log in).

Fasthosts. The epitome of mismanagement and bad decisions. Thanks for shooting me in the face. Thanks a short term future filled with talking customers through changes to their outlook email passwords. Thanks for completely reprioritising my already hectic schedule. Any other random, sweeping, ill-advised changes i can look forward to for Christmas?

I spent a goodly amount of time changing my passwords, as advised, after the original debacle, and like others above, I now find that they gone and reset them anyway.

Bunch of tossers. Time to move.

If a small selection of accounts have been compromised, then just reset those account details. If you want to target people who haven't changed their passwords since the last hack then just reset theirs. To put a large selection of your client base through a major inconvenience because of the lax security of a few is ludicrous.

I agree with the earlier poster - it does seem like they've been hacked again and had all their passwords siphoned off. Unfortunately it's likely that we'll never know. I'm looking forward to the day when companies are legally forced in the UK to publicly report in a timely fashion any security breaches resulting in the exposure of customer data.

I forgave them after the previous incident. Now that it's happened again, I'm outta here. Any recommendations?

@AC. I've been abroad for the last two months (returned last night) and was unable to change my passwords, thank you. I certainly wasn't expecting the country's biggest host to get hacked in the meantime.

Now I'm locked out of my sites until snail mail decides to send new passwords in a few weeks (that's assuming the postal workers don't go on strike again or they get lost in the Christmas deluge).

Some sort of financial apology from fasthost would be in order if they want to keep my custom -otherwise they can all burn in hell

Ok, none of you lot who replied have any excuse - you read The Register, I do to. All my passwords on our three Fasthosts boxes were changed within minutes of catching The Register story, and long before the weasels at Fasthosts actually bothered to tell us of the problem.

If you have a hosting account with anyone, you have to pay attention to security announcements - and you can't claim Fasthosts gave no warning, you've had AGES since the hack to get your passwords in order.

Not that Fasthosts are a shining light in the hosting world, by any means. I wouldn't host anything more with them now because of this.

I changed my passwords - they reset them anyway.

I am totally locked out of my website and SQL is broken.

How can Fasthosts be so damn stupid.... it's incomprehensible.

Like many others, I changed all my passwords back in October when the first balls up came to light, then moved my important bits to another host. When I tried to log in to UKReg this morning to complete the move and change my IPStags to my new DNS host, low and behold I was met with the 'Wrong Username & Password' message. I thought, 'right maybe its me and I've genuinly forgot my password' so I clicked on the Forgot Password link only to find "Unfortunately this service is unavailable at the moment. Please contact Customer Support for assistance.", so I try to call customer support and get "All lines are busy".

I'm now left sitting at my desk with UKReg/Fasthosts on redial contemplating driving up to Gloucester to speak to their 'Customer Support' face to face, if anyone wants to car pool drop me a line.

Does anyone have a phone number other than 0870 888 3600 for Fasthosts, I need to give off, but haven't been able to get through all morning!

ARGHHH!!!

We have 100 domains with an average of about 4 emails per domain with them. Since they have no export function I'm going to spend a good hour putting together a list of all our emails.

Then generating random passwords for them all and writing a script to mail the new passwords to them all.

THEN wait for the shit to hit the fan in 10 days when most people's emails stop working.

And I can't even start on this until my master CP password arrives through the post :(

Our control panel passwords were changed following their previous recommendation, however they have still reset them

We discovered our site was down around 10pm, we didn't receive the email until 00:54, my colleague finally managed to get through to support around 03:30 who claim to be unable to do anything and we must wait for the new passwords by mail, however they couldn't even guarantee that it would be mailed today, therefore at the earliest it will be Monday before we can get back up and running, with the vagaries of royal mail it could be much longer.

Fortunately all my critical websites are hosted elsewhere, unfortunately we can't even access this particular one to shift the content to another server.

I guess they are right from a security point of view you can't get much better than locking everyone out, from a business point of view they couldn't have handled it worse. I certainly won't be giving them any more money.

I moved away from Fasthosts many years ago when they shut my account down for abuse of their T&C's

Apparantly, because my site was popular and a lot of people downloaded files (I was part of a group who modded games) they said I was breaking their T&C's by allowing non Web traffic.

I argued that a zip file is web traffic as it was being downloaded via the web site and not FTP but they said nope, it was non web traffic as it was not html and my account was suspended. FFS!

They only did this becuase my site was popular and had a lot of traffic. So, I can only say how sorry I am to all those caught up in this as I know how frustrating it is dealing with these muppets and I hope that Fasthosts finally lose a large section of their customer base and people realise what a bunch of idiots they are.

... after the first hack. They have now been changed again by Fasthosts.

So yes, I do pay attention to security announcements. And no, I have no idea why they decided to reset my details and others who took the same precautions.

Their fubar, not mine. Their responsibility, not mine. Still my problem though.

I changed all my passwords as soon as I read on the register of the problem on the 18th of October, the second passwords to be changed were the database ones, howerver this didn't prevent FH from resetting them and 4 ftp passwords that I had also changed. FH had previously warned me of 2 ftp accounts that I had overlooked, which I deleted as they were no longer used (and didn't have access to anything).

the timing was dreadful, the lack of notice is appaling, and yes I will be changing hosts.

The way Fasthosts works is like the IT department of yester-year. An arrogance - "WE know best, you're just a dumb user!". Remember those days?

Well, the retard who should have stuck to sitting in a darkened room programming has somehow got to a position of authority and is still acting like those long-gone arrogant IT dinosaurs.

This is not customer-service. This is not good management. This is not professional. It's a sweeping "we will do this because it's easier for us and we know best what is safest".

Well, patently they don't. They forget that they are dealing with IT professionals of equal if not better abilities.

Anyone with a modicum of sense would have thought the problem through and done the important thing which is KEEP THE SYSTEMS UP! A moment's thought would have revealed that sites in this century cannot be offline for several days while the postman does his thing. But then, why should this bother Fasthosts?

I'll tell you why. Because the money saved in cheap hosting is money lost from disgruntled on-line customers. I cannot, and will not, keep my sites in a place where they are exposed to such unimaginative and unintelligent handling of security issues. Can you blame me?

Would it have been so hard to send an email telling all customers of the problem, urging them to have all passwords changed within 24 hours and then putting in place measures to support those who for one reason or another did not change their passwords? Is it really necessary to "validate" authentic owners by posting passwords to the stored postal address? Could not the same validation be done on-line or on the phone using this and the plethora of other data held by Fasthosts? Could not "The Team" call the phone numbers which are also held by Fasthosts to explain and support? A quicker, cheaper solution and as secure as using postal information? If I can sit here coming up with better customer solutions over a cup of coffee, could not those paid professionals at Fasthosts come up with something even more elegant and efficient?

Shoot the dinosaur. Heads must roll at Fasthosts.

01452 541499

01452 541250

01452 541251

01452 541252

Fax: 01452 538485

Whether someone changes their password or not, what has it got to do with fasthosts? If people are stupid enough to not change their passwords and allow their accounts to be compromised, more fool them - as long as fasthosts have warned them to change it, the customer would have no comeback. I can't help thinking something here is being covered up.

This latest change is a complete farce. I changed my passwords and now find myself thrown out of my acccount. Cheers fasthosts. Couldn't organise a piss up in a brewery.

Mass legal action for loss of profit anyone and associated costs, anyone?

01452 541499

01452 541250

01452 541251

01452 541252

Fax: (0870 8883555) 01452 538485

0870 8883500, 0870 8883530, 0870 8883700 & 0870 8883800

don't let fasthosts profit from their own misdemeanors, call tech support on the local number:

01452 541499

at 3am i was number 25 in the queue. good luck getting through!

just wanted to add +1 voice for "i changed my passwords when told to, they still locked me out".

fasthosts = incompetence by another name

Use www.saynoto0870.co.uk

0870 888 3600 came up with Fasthosts Internet Ltd 01452 541499

And other information:

01452 541250 /01452 541251 /01452 541252

Fax: (0870 8883555) 01452 538485

Also for 0870 8883500, 0870 8883530, 0870 8883700 & 0870 8883800

Ask for a new password over the phone, they will do it after 3 hours on hold, and 6 security questions. 3 hours on an 0870 thats £15 on which fasthosts must getting a revenue share ...we've changed the passwords on 2 out of our 178 domains we manage - think 500-800+ passwords to change including emails! But even after the change we still can't FTP

BMSoftware

Unbelievable!?!?!? How about a warning that failure to reset your password would result in an automatic reset? Or how about posting the new passwords prior to the reset so we can log in again imediately after the reset? I have, as i'm sure many do, an important launch on monday which NEEDS the website updating. Will they give me a temporary password if i call? Given that it will take days to get through, maybe it's best to wait for the post - i can always redirect the website to a holding page till then.... oh no, wait, I can't.

Right, so who should i move my hosting to?

This makes you wonder if the reviews and recommendations they display on their site are fakes?

http://www.uksbd.co.uk/directory/index.php/2007/are-fasthosts-faking-reviews-and-recommendations/

Only Fasthosts could have poured contempt on their customers in this way! I run a small business - fasthosts have now disabled my website - rendering it useless, (even though I changed the passwords as instructed last month). I will now loose business in what will be one of my busiest weekends of the year. If I survive this, I will move my online business to another host.

Heads should roll at Fasthosts - but they probably wont. Vote with your feet - find a host that doesn't show such contempt to their customers!

Count me in. And if I can work out a way to successfully move 100+ domains without causing my customers grief before my reseller account renews in Jan I'm off. I also changed all the requested passwords from the original PDF on the day it was sent. I don't really want to run a dedicated server but they've just tipped the balance of work decidedly in favour of it.

It's very true that you get what you pay for and, aside from a couple of minor gripes that could happen on any shared server system, I've been more than happy with the return from FastHosts up to the last couple of months. I was fairly unimpressed with the original issue but it's the cackhandedness of the response to this one that is just unacceptable - and I'm one of the lucky ones in that at least all of my sites are still up.

I'm also working abroad and won't be able to personally see any post they send me; fortunately it can be securely read for me. On this subject though, I also have a tip for those of you who've been told they've reset your CP password: I think they've said this in the PDF even when you changed that as requested and they've only changed the Admin one, not the overall CP one, if you didn't change the Admin one as well.

Enough is enough, can't get hold of anyone on support, changing passwords for all email accounts, web accounts etc. etc. etc. wasting time painful process - moving to Rackspace....

@#!*?!!

oh, pardon me, I thought you said Royal Mail

Some spotty little work placement student has pressed the BIG RED BUTTON and some numpty at Fasthosts thought it would be a good idea to fill all of their customers full of crap.

This stinks of a major blunder and a rubbish cover-up to me, no-one in their right mind would knowingly agree to this kind of service. I don't really know how good Heart Internet are, but they're getting about 200 new hosting accounts from us!

I think Fasthosts will suffer reatly after this, their latest little cockup.

okay, I must be missing a step here.

why on earth was Fasthosts storing passwords in a clear text format in the first place?

we run a rather large blogging community, and even if our system was hacked, the list of passwords would be completely useless to them. our passwords are stored using a special encryption.

where they using the standard linux "passwd" mechanism to store the passwords?

i think more questions need to be asked in how the passwords where being stored.

"Mass legal action for loss of profit anyone and associated costs, anyone?"

if you know of anyone in the legal industry prepared to take a look at this then count me in.

Cheers

Having changed all the FTP passwords as advised in October, I now have to do it again? But also the email addresses as well?

With hundreds of accounts on a reseller package, this may take a week, and your control panel is already struggling.

Please reconsider this email debacle if you want to keep us.

Blaming this on people who did not change their passwords is a red herring and I smell this fish. If they had not been changed, you should have done it for them there and then. Simply incompetent.

Given the amount of angst this is causing, and given that they have "closed the vulnerability through which access was gained, and have taken steps to ensure that this cannot happen again", might I suggest that they revert all passwords which they changed en masse (and not those changed since) to those current before this farce began?

I think we have now got the message that someone wants us to change our passwords.

Can this be a risky strategy since they "closed the vulnerability through which access was gained, and have taken steps to ensure that this cannot happen again" back in October?

And on a risk management basis, getting the majority of users back on-line far outweighs the chances that a hacker is standing by to wreak, what? Havoc?

I think even the most successful hacker could only dream of causing this much chaos.

I'm also with Fasthosts, and in general been very happy with them (it's just a personal domain, web @ email) - on the few occasions I've delt with support they've been good.

BUT

This password change is crazy.

I changed all my passwords except 1 (my wife's email) when I heard of the hack, so reading this I was expecting to have to reset her email to somethign she'd remember, but no, just logged in via webail using the old (and not very secure!) password with no problems!

Agree with the earlier poster - to fix this you send a warning email and post replacement passwords in advance. Its not that difficult to figure out surely...

I've watched this and other horror stories unfold over the years and thank the heavens that when I chose to move in '99, I chose well. I have never had security issues with my current provider who are on the ball when it comes to 'sploits, patches, upgrades and the like. And I'm joined by some of the big names out there... Tom's Hardware (THE hardware review site in the world) being one.

Vote with your feet, switch providers to someone who believes that customer service and security are not necessarily exclusive of each other. Viva Pair.

Depending on whether your customer sites are Unix (BSD/Linux) or Windows based, moving all of them across to a reputable service (like Pair Networks like I've done) should be fairly straight-forward. They also offer resellers significant discounts (I'm too small to be a reseller, but I've looked at their programmes), so it may be useful into looking at them.

The only negative (if it is a negative) would be that they are based in Pennsylvania (and hence under US jurisdiction).

How many stories like this (not just Fasthosts, many other low cost hosting companies) do you need to read before you get a clue?

If your business can loose money/reputation through downtime, either pay for a quality host, multiple hosts, or at least drawn up (and if possible rehurse) plans for moving hosts (using your backed up sites/data) asap.

We use fasthosts for domain registration (and have DNS servers at two other separate locations). We changed our passwords when advised, and they were not locked out yesterday. I think some people on here may be telling porkies to cover their arse cos they didn't act in time...

Just to say, I have been using them as one of my baskets for some accounts, as to date they have been fantastic.

They respond to queries rapidly and are very knowledgeable.

But then, Fasthosts were like that once, weren't they?

Just to really cover my arse, I haven't had any problems with Heart, and would recommend them, but your mileage may vary, as well as your needs from the service.

Just a thought, but does this constitute "negligence" and can we bring what I believe the Americans call a "class action" against Fasthosts for loss of business?

Given that it is Christmas, a major retail spending "peak", a lot of people will be losing a lot of money over the weekend.

Anyone have a "qualified" legal opinion on this?

We have over 300 websites spread over 3 Fasthosts reseller accounts. Every one of them is now queued to be shifted to one of our other reseller accounts with a different provider.

Should I wait for Fasthosts to give me another reason to shift the dedicated servers we have with them as well? Hell no, that's next in the job queue!

I see several people saying how good their current hosts are. Any chance of naming the good hosts so that the poor sods with FH can actually switch???

For shared hosting and reseller accounts I can recommend Catalyst2.com - support is great with no problems.

Just to let you all know, they've done and ISP classic, switched off the phonelines!!!

Firstly, at voshkin... if you have a DEDICATED server, if it gets hacked it's your fault... no good blaming the hosts. That's like blaming the electricity company - not their fault. If it was a MANAGED server, different story, but still possible that you put some vulnerability on there (phpmyadmin, awstats, etc).

Now, at everyone who said "how about some warning" or "send out the new passwords before resetting them all"... this was an EMERGENCY procedure! Originally they weren't sure if the hacker had the passwords in a usable form, now they know because some bugger used them to put nasties on the servers... that means that they didn't have time for any warnings.

And for whoever said "if they haven't changed their passwords, that's their problem if their account gets hacked"... it isn't - it's everyone elses problem... because there is then another site hosting malware/selling drugs/etc, which means they'll then want to promote said site, for which they'll use an email account (which they have the details for) to send out spam (using authenticated SMTP - the scum), which makes it EVERYONEs problem.

I happen to think that they've done something sensible here. The only issue is for those who did change their passwords and now have to wait for new ones - maybe you changed your password too quickly? I expect they took a copy of the database as was and have now compared the current one to that one... maybe they didn't have a working backup from before the attack (oops), and realised afterwards so took a backup then??

Just think about things before you start flinging blame.

We (as a company) will be sticking with fasthosts. We have 3 dedicated servers with them and are very happy with the service, especially at the price (one customer moved their dedicated server and saved £150/month and got a better connection - they're particularly happy!).

I was told by FH SUpport that 73% of customers had not changed their control panel passwords, and if the CP password had not been changed, then everything in that account was included in last nights reset.

I guess this means that if you were putting your customers passwords at a higher priority than your own, then you were punished by the blanket change.

What a laugh this morning - Fasthosts automated support mail said my dedicated server was offline because I, like so many others, hadn't changed my password, when of course I had.

Finally got through on the phone to discover they had actually DELETED MY ENTIRE ACCOUNT IN ERROR, instead of deleting just one of my dedicated servers which expired yesterday with impeccably bad timing. I should be thankful that they were able to rescue and reconnect my box before they formatted it, or even worse reallocated its IPs. So we were only offline for three hours.

Now I can use all the time I have saved in not having to rebuild this server for resetting all the email and ftp passwords on my other reseller account.... or was I supposed to be doing someting else? A single mailbox password change just took about two minutes while the control panel server groaned under pressure - I guess I won't be going out tonight then after all!

Oh Joy - and to think I actually recommend this supplier to my clients!

We too walked into work this morning to find nothing online working!!

No additional staffing at customer services!!

Will be closing my account asap

One of my websites co-ordinates charities that rescue dogs from being destroyed in Ireland and finds them homes in England, since last night the SQL Database password has been changed and no one can access the site - this is literally Life or Death for countless dogs due to be put to sleep in Ireland.

I like many others did not have any warning abouth this nor did I recieve an email about the original security breach.

Along with the rescue work, small charities sell christmas cards through the site, so it iwill be hitting everyone hard.

I cant get through on the phone and they are not answering emails, they even kindly shut down the password reminder on the support site, if this was working, I could fix the problem myself.

I think we will be investigating the possibility of legal action against fasthosts for this situation

...they do nothing?

Granted this is closing the stable door after the horse has bolted - but seeing as most people will have ignored the email and they will have monitored activity on password changing would you rather they took no action?

Clearly this is a reaction to a situation and we as outsiders don't have the full details - perhaps you should count your lucky stars that your card details haven't been stolen (or have they). And if you don't like it move YOU pay YOUR money and YOU take YOUR choice.

If you're on shared hosting it's probably because you don't the the skills to host your own dedicated server or you're looking to blame someone else when it screws up - glass houses and stones.

Give the engineers a break they'll be as p****** off as you are about the breach, after all it's their professionalism that suffering here.

As I understand it, the hacked passwords were not in a database, but in plain text. They were used to support the 'Forgotten Password' tool that is currently switched off on the Fasthosts site.

So, this "Emergency Procedure" was triggered one month after Fasthosts realised that plain text is not a good security policy. During that month, they had plenty of time to notify customers that the password would be changed by force.

Which part of what happened last night do you consider 'sensible'?

What other ASP.NET2 hosts are out there? Any recommendations?

Here's an example of a Fasthosts 'Best Practice' approach to passwords - here is a quote from their site (on the forgotten login details page)

"Quick tip: Once you have logged in, why not update your password to a more memorable word?"

Great idea Fasthosts!! You should publish that as an industry wide standard.

Some people have posted comments to the effect of 'well you should have changed your passwords and read your emails', well please, up yours. We changed all our passwords immediately which was an immense hassle and still all our passwords were reset last night. Not only this but we didn't even get an email informing us of this or have heard anything back from customer support.

I won't have access to the snail mail address for weeks so looking at a long time down for the website, at the most lucrative time of year.

This is criminally negligent, I urge, nay beg all of you with fasthosts to leave at the earliest possible opportunity. We are in the process of moving right this second.

I only wish there was a representative nearby that I could punch repeatedly in the face.

and thankfully came to the conclusion that they were cr*p.

I use Titan Internet to host my sites. No, I'm not related, friends with them or anything - they are just very very good indeed.

But you get what you pay for. People who used FastHosts because they were "cheap" are now finding out why. If your server is mission-critical - spend money on hosting - otherwise you only have yourselves to blame.

I've been using Goscomb Technology for a few years. I think I've had about 15 mins downtime over the last 4 years.

Why would you want to use a provider that charges extra for things that come free elsewhere, like £50 a year for one MySQL database?

They won't even let you run Cron jobs!

If you want proper hosting, go to a proper hosting provider.

Many of you will be looking at the possibility of legal action against this "company". Unfortunately, we have all agreed to the following when subscribing to their services:

"Customer agrees that it shall defend, indemnify, save and hold Fasthosts harmless from any and all demands, liabilities, losses, costs and claims, including reasonable attorney's fees asserted against Fasthosts, its agents, its customers, officers and employees, that may arise or result from any service provided or performed or agreed to be performed or any product sold by customer, its agents, employees or assigns. Customer agrees to defend, indemnify and hold harmless Fasthosts against liabilities arising out of; (1) any injury to person or property caused by any products sold or otherwise distributed in connection with Fasthosts' server; (2) any material supplied by customer infringing or allegedly infringing on the proprietary rights of a third party; (3) copyright infringement and (4) any defective products sold to customer from Fasthosts' server."

Now, whether those clauses would stand up in a court of Law is another matter altogether.

What amazes me is that when I signed up to their services, they did absolutely nothing to verify my home address was correct, and instead, verified my e-mail address exists. So why are they now sending MY password to an unverified address?

Seems like Fasthost's/UKREg's/Watever "management" have just ASSUMED. And that's all they've done over the past three months.

And, we all know that to assume makes an ass out of you and me.

My bags are ready, I'm just waiting on my new randomly generated (hopefully... knowing them it'll be set to "changeme") password coming and then I'm offskie!

A list of alternative suppliers:

www.UK2.net

www.csnewmedia.co.uk

www.equiphase.net

www.dedipower.com

Yet again, Farcehosts live up to their name.

That's what you get for hosting with a bunch of amateurs on Windows boxes.

Try www.pair.com, competent and been around since the dawn of time.

Referring to the Anonymous comments that what Fasthosts have done is sensible...

Are you serious? Do you really think that changing EVERYONE's password without warning makes sense? With no efficient plan for getting users back online or beefing up customer support to handle the increase in workload?

Come on, this beggars belief.

The most absurd part of the whole thing is posting passwords. Surely it is not beyond their engineers to email new passwords to everyone? Less effort, quicker and cheaper.

But no. They're all up there stuffing envelopes and sticking stamps. Unlike those Fasthost customers who sell through their websites...

I too have had this issue and to be honest its pretty much made me decide to look for another provider , they have not been a great host of late,well in my experience.. bye bye fasthosts my blog is down- cant log in to change password,,you really know how to treat customers ,where was the notice for the instant reset of all passwords?? ....Just a simple email with a reset password link should suffice since no one will have my access to my email..at least to reset and prove who I am for other passwords etc but royal mail me my password?!! this whole weekend ill have no access for my ftp or sql db!!! this is unacceptable..I wonder what the real story was ?...

I jumped ship in the summer after 3 years of pain and frustration and closed down my reseller account. You can't run any sort of web hosting business as a reseller with Fasthosts as you will always be letting your customers down due to things like this. I don't know how they are still in business running such a poor level of customer service. They need an IT Gordon Ramsey in to kick some backsides starting with the Fasthosts management.

The arrogance of these people is astounding - to arbitrarily change all passwords THEN inform people retrospectively is a disgrace and borders on the criminal.

That they have done this to those of us who had ALREADY changed our passwords is not only negligence, but extreme incompetence.

Class action anyone? if so, I have already discussed with lawyers and they suggested keeping in touch - email me at brianinfrance2-fasthosts (at) yahoo.co.uk

Regardless of what has happened, it is very frustrating to be so helpless in the situation

Our SQL sites don't work after the password change, but we cannot even get in for a temporary fix, at the very least a holding page informing people of what is happening or a redirection to another server where we can offer some functionality.

We have experienced outages before, and all cases have managed to maintain some form of service whilst the problem is fixed, but in this case we can only observe and hope FH come up with a solution

Haven't used them for a while, but for about 3-4 years, I used Giacom (I started with Fantastic Internet). I found their staff very helpful (especially for the set-up phase).

I had one minor issue when our main email address was being spoofed into a load of spam, and we were getting tons of "bounced" mail that they helped sort out in a matter of minutes. Other that, very reliable - very easy to do business with.

Yes, this is a screw up of majestic proportions at Fasthosts but I get the distinct impression that these people who are saying they are completely locked out did not change their passwords back in October. Why not? If I was one of their customers, I'd be asking why they ignored such a security warning from their ISP.

I had changed my main password but got caught out on a MYSQL password so had an hour's downtime last night until I changed that. A bit embarrassing but my customers have been quite understanding.

I've used Fasthosts since 2000 and this is only their second major cock-up. I'll be leaving now but mainly to save money. There's no guarantee the people I go to will be significantly better.

The time is 16.28... they must have seen my previous comment about them as above.

I have only just now received the e-mail from Fasthosts telling me that:

a) they already wrote to me on 18th October about the problem (Bulls**t);

b) to ensure complete security, they're sending my password via the Royal Mail to my UNCONFIRMED postal address (oh great);

I wonder if their management is just reading these comments?

It's all going pete tong!

You could access the internal accounts information - with your network username and password - via a web interface, from anywhere.

No VPN; simple SSL encryption with an employee's username and password.

What was on these internal accounts pages? Full customer details; including passwords and credit card details.

Security? They don't know the first thing.

As it says, can Mr Anonymous etc al PLEASE READ THE COMMENTS ABOVE! This is affecting those who HAD changed all their passwords too.

Have the phones gone back on yet?

Mine is a similar story to many already commented upon here. We have price list data on a Fasthosts MySQL server that is used by a number of our sites and this morning those sites were throwing up permission denied errors. So I reset the passwords before I ended up getting the email.

Funny thing was, we reset the passwords of the same databases straight after the initial scare a few weeks ago, to something far more obscure and yet Fasthosts still reset them, claiming we hadn't changed them...

We're now looking to host our data internally...

Well I hope they're quick at posting out the new passwords and that Royal Mail don't take their usual several-days-to-deliver-1st-class-mail farce, not too bothered about not accessing my main Fasthost website as Pipex have still kept my old webspace open despite being kicked off back in March, but I have a 2nd account with Fasthosts I need to cancel before the end of Dec or they're gonna charge me.

So bloody hurry up Fasthosts & Royal Mail

Fasthosts actions are totally wrong.

I am currently moving 427 sites to another host.

Where is my letter !!!!

Lost in the post probably.

If you are a web refugee (use the coupon code REFUGEE), you get free setup for the first account/domain. And they have a nice triple discount special on too for December (pay up front for a year, get 24% off).

This latest debacle is so irresponsible, plus their helpline doesn't answer (I've tried all day).

I am working away from home at the moment need my PIN to log in, and I can't get my PIN because a) they won't answer the phone and b)the automatic reminder service isn't working. This has had a severe effect of our business operation.

Any suggestions for other web hosts?

I look after a website hosted with streamline.net and have just noticed that their FTP access has suddenly stopped working. After checking their Service Status I find that they are going through the same process of asking customers to change their passwords for their Domain Control Panel and FTP... are they linked to Fasthosts in some way?

To be fair, I think FastHosts simply pressed the 'Panic Button' when they realised the extent of the security breach, the extent of which we'll probably never know about.

FastHosts: The UK's Number 11 Web Host (down 10 places!).

In the old days you could blame babyfaced Andrew Michael for Fasthost's woes (he set up the company from his bedroom aged 17). But now, shock horror, we can blame the Germans for not running the show properly!!

http://www.timesonline.co.uk/richlist/person/0,,48328,00.html

I'll just go and grab me beachtowel....

All on an 10p per min per call, perhaps it's a revenue opportunity for them?

Fasthosts are sending the passwords by normal (not recorded or special delivery) mail. YAY it's going to be two weeks before I get my password (yeah I am in the UK, first class here means it will take up to two weeks around here!) and then I'll have to wait for my UKReg password.

Even if they really really had to do this - couldn't they have generated the passwords a few days before, printed and posted the letters - then after a few days THEN change the passwords?

A frustrated fasthosts customer

soon to be ex-customer - once i've transfered my domains out of UKReg!

... I'm still moving. What irritated me was having to hang on the phone for an hour to find out what was going on when NOTHING had been posted to the system status page. According to that page, all was well and nothing was even being investigated. Customer service used to be great but it looks like they've grown too big.

I'm off to Heart. Anyone have experience of them?

What is the logic of posting the paswords?

I never got any written communication by FH.

I even do not know which address they consider as mailing address,

but it is NOT the one of credit card, and I have moved from one country to another.

ALL THIS IS INTERNET BUSINESS, and it make no sense NOT to use e-mail to send new passwords.

So what is the security breach scenario acording to FH?

The hacker has my e-mail address and the password.

At the moment FH is sending the new password (which he doesn't know, n.b.) he is loging in and stealing it.

Oh, he knows, he hears about FH e-mail being sent, so he is on outlook on thousands of e-mail addresses.

All that is childish and mediocre.

Besides, it was enough to inform me that they were hacked.

It is MY business and security policy when and how and whether I will change passwords.

BTW for the record, I can confirm that my CP password was not reset neither one of FTP passwords,

which I did change after the 1st alarm.

I did change the rest (FTP, e-mail) after the 2nd alarm, but FH e-mail support

has no brains to tell me if I will have to do it again (!?) after the famous Royal-Mail envelope arrives,

if it arrives (as someone is bitterly pointing to Xmas deluge and postal strikes).

Following Fasthosts recent "act before thinking" tactics we're going to spread the risk move our databases and probably our email from fasthosts and for the time being continue using their reseller package, at least this way the only system data of ours and our clients that they can loose / reset is the control panal and FTP - if our new SQL server Host goes down we can use a backup. Personally though I'm more concerned about the personal financial information they appear to have lost - I'd recommend speaking to your banks before this disaster goes from BAD to well.....

I also think that as clients we should demand that someone's head roles for this - loss of business (existing & future) and loss of reputation....

Do yourselves a favor, change your bank details, and spread the risk by hosting servers/emails elsewhere

We've got over 420 individual accounts with Fasthosts, all with FTP and all with mailboxes.. We've now got 9 days to change what could be as many as 5-600 POP3 mailboxes manually, then configur those clients who dont know how to, change server POP3 settings, respond to phone calls and support emails from clients... it's gonna be a busy few weeks :)

The Fasthosts Control Panel has been up and down all day, and my email first thing this morning asking whether we were going to be compensated has yet to be answered..

For my company this is going to be a MASSIVE job to put right....

My calls to Fasthosts Tech Support last night. WIth a critical problem that had nothing to do with the passwords...

Date, Time, Tel Number, Seconds, Cost.

29-11-2007 23:21 00448708883600 4518 7.08

30-11-2007 00:36 00448708883600 6614 10.36

30-11-2007 02:27 00448708883600 4721 7.40

The first call started at queue position 44, then was picked up and dropped without speaking on the cusp of midnight.

The second call started at queue position 35, then when I got through to someone, they just said there was nothing they could do about it and essentially hung up.

The third call started at Queue position 23, I got through eventually, but the call resulted in ....nothing.

That is £25 for two people to be rude to me (do these people realise that I pay for the service?), and one to tell me that there is nothing they can do because they are too busy dealing with calls about passwords. Are you kidding me?

Truth is, there was 2 people on support last night, more than 1000 backed up support tickets that were not being answered , and still haven't been answered.

What support told me is that there is never more than two people on support overnight, and they rarely get chance to address the incoming tickets.

...and the two things that really get my back up:

1) they have one unix/windows engineer on site who could have solved my problem in a few seconds, two commands at a unix command line, and the job would be done. But oh no, my problems are far too much trouble for an engineer to look at, after all, he's busy deleting passwords.

2) Somehow, I have got used to this level of service! I expect it from FH, and they never disappoint me. I have never had a service request dealt with in under 2 hours, I have never spoken to technical support and been pleased.

Time to move on... I think we may be seeing Fasthosts making a Fast Exit over this issue. I would be stupid to have email or sites on a FH server the day the company has to close it's data center. It's Northern Rock time...

This is FREE

01452 541499

But I have been in the queue for half an hour and its 23:47 and have heard the automated announcement that they will NOT reset your password over the phone it HAS to be sent in the post...

... Knobs have changed all mine and I ALREADY changed them when they asked me to the first time they fooked up! Incompetant wankers!!

Yes, yes, yes...but think back to when you made the decision to use them and remember how cheap they were...

....twiddling my thumbs until the postman arrives with the elusive new cp password.

After working for over 17 years in the IT industry I've never come across such an incompetant way of dealing with a security issue. I would love to hear the Security Managers reasoning on why an immediate lock down was ordered without sending any notification to their customers. He needs sacking.

I am sure, even with Fasthosts indemnity clause in their T&C's, there will be a number of claims for loss of earnings, especially if our customers say that they are going to put a claim in to us as a reseller! I know for one that I ain't taking the flack or cost for loss of earnings to my clients seeing as I had followed their instruction in October. We are paying for a service, perhaps Fasthosts will remember that when they lose thousands of customers over the next couple of weeks.

A quick Google last night showed half a dozen sites doing what we need - unlimited/high bandwidth, SQL, PHP - for around the same price and in most cases less - around £80. Fasthosts were £49+the database charge and actually cost more.

You know, even a small change on the website explaining what's going on and apologising would have been nice.

I wonder if they have the foresight to offer discounts for those affected? Where cost is the issue it might make a difference.

Our site was taken off air by the unilateral password change. As the site is used by our clients to monitor services, without FTP it is useless.

I spoke to fasthosts yesterday (after queuing for 1.5hrs) and they finally agreed to fax the new control panel password through.

I received this, and changed my FTP password at approx 12:00 yesterday. Its now 11:00 the next day and I still cannot get FTP access to my site.

Fasthost phones are now continually engaged and we have been off the air for over 24 hours.

THIS IS NOT EXCEPTABLE!

This action will cost us hundreds of pounds as we need to send a technician round to many of our clients sites to update the on-site systems with updated FTP details. But more importantly, this outage makes us look amateur and our clients are losing confidence in our ability to provide a service.

Has anyone managed to talk to someone in power at fasthosts? The poor call centre guys must be getting pretty used to people shouting at them now, but they wont let you talk to whatever muppet instigated this farce.

For all those effected by this, we probably need to get together and present our compaints en mass, as the loss of one or two accounts wont phase them, but together we might get their attention!

I hated my time @ FH

We now have a managed box in the states with liquidweb.com

24/7 manned phones - fantastic support - and with the $ being so far down the pan its almost like they are paying for me to host with them.

Have a look and make your own mind up

DANGER. Ruining our businesses! Leave Fasthosts immediately!!!

Took all day to speak to someone - would not help just said they would post password by ROYAL MAIL!!!!! Beggars belief for a web host!

I have never seen such incompetence.

In the way that Northern Rock...!

I'm a solo web developer hosting our small business site with FH + SQL database for postal addresses etc - obviously not doing much trading on Thursday night / Friday /saturday.

First I knew about all this was a kindly customer (maybe they'll come back..) emailing with sever error thursday night 7.30pm.

I had changed my FTP password previously and had access to Control Panel. FTP came back later Thursday night, SQL down. Call centre (1.5hrs) told me to change the SQL password via the panel -

Also given a reason ~'we couldn't inform people about the mass password scramble beforehand otherwise the baddies would have been alerted' . .

Then I realise why I didn't change the SQL password, it's not accessible in my control panel as it was associated with a windows package that I had to change to Linux as FH didn't support Perl DBI properly under Windows Server- but that's another protracted story...blast!

Rang back, eventually get through at midnight Thursday and then told no engineers were there that could trace my SQL database and hook it to my account.

So what are Fasthosts thinking?! They have the biggest cock up in their history and they don't even get all the technical people they can in to man the datacenter? It's beyond belief.

Remember the original email was:

"We therefore recommend, as a precaution, that you now change the following passwords on your account:"

"Recommend!" - not mandate etc.

The only thing they will take notice of is people leaving so it's time to look for something better.

Shame, as they were a lot better than previous hosts, if you can believe that!

It's affecting our little business and my stress levels, I really feel for you guys that develop for clients hosted on FH - I guess you are moving data across to other hosts etc as quick as possible...

Good luck all.

While I understand you pay Fasthosts and expect a certain level of service, last I looked they offered insane deals of unlimited bandwidth, the moon on a stick etc for £4 a month.

It's clearly logical that if you're spending £4.00 a month on hosting, but have an e-commerce site generating £10,000+ a month of revenue, that the expenses asociated with running the site is just too small a proportion and asking for trouble.

You get exactly what you pay for - if you must penny pinch your business shop-front, then you must expect to have it boarded up regularly when things go wrong. The obvious move is to research providers, and find someone who offers a good level of service for a realistic price.

People who go mad because the bargain basement service they have doesn't have the same level of security, reliability and after-sales approach (not to mention crisis management skills) effectively decided that running cost was more important than those factors, so it's hardly worth crying foul when you get just what you paid for.

I can still login into my UKreg account where we register domains, no problems at all. I changed the password back in October as soon as I saw the article on el reg, but I'm thoroughly confused, have they missed my account?

Im damn glad we're moving our registrations to another company in the next week or so, I'm fed up with being worried that all 1200 domains we have with fasthosts are gonna go missing.

Thank god that we own our own servers and so only need to rely on a transit provider to keep them online.

As a note to everyone out there, we also have 2 transit providers, so if the primary goes down (like builders cutting the cable, wankers), we can still keep functioning with no more than 20 mins downtime whilst the DNS systems flip over.

You know what that's called? Redundancy, you should try it sometime, it's great, means that I can go out there, unplug 100 cables, and everything still keeps on running :D Don't rely on fasthosts, if you want a job doing properly, do it yourself!

They managed to grab my resellers fee, several days early, this morning, just as I was looking at all the less expensive options elsewhere. I'm another one of those who DID change all the passwords only to have a customer ring up yesterday to ask why his database wasn't working.

I'm with everyone who mentioned class action, unless Fasthosts intends to offer compensation for the time, effort and embarassment.

The queue length is currently in the 50's, the waiting time over three hours. This has been the case for 2 and a half days, and constantly over 24 hours.

If Fasthosts are dealing with calls at 2 minutes per call, and there is a constant queue, and with a minimum of 2 support people answering calls, that makes 3600 calls in total. If there are more support people on site then the problem is larger.

I am guessing many people have been put off by the holding system, or are just waiting for the letter. So just *how many* accounts are affected. It doesn't look like it's a "small number" at all.

I am just writing this in the hope that it may make me feel a bit better!

The same story as so many others: Website down without warning. OK, I forgot to change the passwords, but why wasn't an email sent out a day or two - or even an hour - before? Sorry - irrelevant. It seems from this forum that many who had changed the passwords were reset as well. Also, why are they being posted out? It is possibly less secure than emailing the registered controller, and certainly a lot slower.

Why no information on their website about this issue? It appears that everything is great - the best company possible, looking after their customers. Tried for three hours yesterday to telephone them, gave up and emailed. Response promised within 24 hours (had to resend with the account information). 28 hours later I have had three responses. Exactly the same email (3 times) that was sent yesterday.

This must surely be the end of Fasthosts - no hosting company can survive this. It is gross incompetence and pathetic lack of common sense, and I can't imagine many staying with them. I certainly won't be, and I am sure that there are quite a number whose income depends on their website who will, hopefully, be taking legal action. I have cancelled my card, and if they want to take me to court, let them.

Given that Fasthosts recommend new customers to register their account using an email address that will not be hosted on Fasthosts servers, why have they chosen to send passwords to account holders by post?

Security details for the account email addresses are not stored on their servers, so why not just send the bulk by email? Surely, it would be a simple programmatic matter to check if the email address is hosted locally.

I pissed off - i change my password when they notified me - now they change them again and lock me out whilst I wait for the letter...

I'm moving hosts in January when my 12months ends.

Tried calling customer services earlier. Bad idea. 60 people in que in front of me. Hang up, me thinks. Great way of making money with these 0870 numbers.

I've also had a number of cases of clients being emailed direct by Fasthosts. As a reseller i'd expect Fasthosts to only contact us as we'd like to be the ones to manage our clients reactions, not have them feeling like they have to contact Fasthosts direct. A complete shambles all round..

I tried getting through last night but gave up after I saw my skype credit disappearing the queue number staying the same (45 mins)

I've seen above that they may actually fax you your password - was this a one-off case or has anyone else actually managed to get the control panel password rather than wait for this letter, that means another day lost tomorrow.

Did anyone actually receive a letter yesterday? I'm thinking if I don't phone up and sort this I may not even see one for a whole week. Especially if Fasthosts are involved in sending the letters out... over 100,000 accounts? 2 people on support? Hmmm....

This is typical FH customer service and support!

Recently they withdraw their Reseller forum with no warning or word of when or even if the service will be resumed.

As a Reseller I am very concerned over their level of competence, integrity and lack of open and honest dialog!

.. or at least that's what I've gathered from some of the above comments. It amazes me that anybody would plop down any kind of "business critical" website on a hosting provider which will sell you space and bandwidth for less than a cheap bottle of Tesco Value Plonk. What did you expect? You might as well be hosting your company off of an AOL account (and using their members.aol.com/YOURREALLYLONGUSERNAMEHERE123456 web space).

As for there not being enough warning, I feel as somebody with a fairly good grasp of the English language the term "EMERGENCY" usually indicates the reasoning behind it.

As for me I can wait for the letter to come in the post so I can log in and renew my two expiring domains (which are both mission critical, expiring tonight at 22.59 and will cause 18 children to become orphans in south Lincoln).

I had a client approach me about the original email sent out by FH. It sure looked dubious. Client attempted to change passwords but none would save - eventually client became an aggravated client and gave up.

Same client informed me of the latest email and the password fiasco (I am not a Register regular, so missed out on a lot of stuff).

I checked my own emails and only this afternoon have I received an email from FH stating they would be removing passwords. I had no warning at all.

Luckily I have closed a hosting account and moved it elsewhere, but it's still an issue for some email accounts.This is not good.

I will be moving all of my accounts including my clients elsewhere, once I have access to them.

Not a happy teddy.

Yesterday, 30 November 2007 at 00:43 I noticed none of my company's Farcehosts email login passwords were working. This is despite us changing them as instructed AFTER the FH security breach. But then after about half an hour all the passwords "magically" started working again. No notification - shame I was trying to work at the time.

FH might claim to be "The UK's number 1 web host" but they must surely be haemorrhaging customers after so many schoolboy errors. Certainly, I've started looking around in earnest for an alternative host.

6.30am Sunday. Only 10 in the queue! 30 mins later at number 6, add it to the 3hrs since Thursday....gave up on saturday...will they have a Techie who can actually sort the problem when I get through? Doubt it.

And to think I used to love Zero7...

Now 1hr and moved 1 position to 5. Can't waste anymore of my weekend, kids are loosing the plot with me wandering around with a phone!

Paypal checkout reinstated - removing need for SQL database. That will do for now.

Search on for new provider. My work colleague recommends NetHosted?

This just arrived in my mailbox this morning...

Dear Stuart,

The following debit/credit card registered on your Fasthosts account (XXXXXX) is about to expire:

------------------------------------

Card number: XXXX-XXXX-XXXX-XXXX

------------------------------------

To ensure that your account continues to run properly, please update your card details using your control panel as soon as possible.

------------------------------------

Step 1: Log in at https://www.fasthosts.co.uk/login (rofl)

Guess who's upset that they won't be able to get anymore money off me...?

I am most displeased with Fasthosts over all this password nonsense. I have finally got the passwords sorted out, but I have one website that is way out of date now and I can't update it.

The reason being is that I cannot access my ftp site on ANY of my sites hosted by Fasthosts. Other wb hosts are OK. I've tried and tried phoning Fasthosts, but I am always at queue position 50+ and have even been as high as 83!.

I've sent emails to Support regarding this problem, but have only had an auto response from them. This sort of response makes me wonder whether Fasthosts are in some sort of administration trouble and whether I ought to change host. I also wonder how many other customers are experiencing the same

A client hosts http://www.mantonian.co.uk with Fasthosts and the password was reset when first advised over a month ago. I was also rang by fast hosts in Australia as they had flagged the site as being e-commerce based.

The password for SQL and FTP was changed and the site is still currently working, is everybody sure they reset their passwords when asked?

As for other hosts, I currenly use Media Temple's Grid Server for new hosting after Fasthosts cocked up for other a week on a support question regarding why mod-rewrite wouldn't work..after a weeek of the site being offline and no answer from them as to the problem (it was constantly moved between people at their support), they finally came up with the problem that they don't support both SSL and Mod-Rewrite.

By this time we had moved to Media Temple and have had no problems since.

One other issue, if I am not wrong you are given the option when you create SQL databases with Fasthosts to choose the password. I wonder how many people used a password they use for much of their online presence and therefore if the hackers were given access to email data along with plain passwords it makes you wonder if they are able to gain access to services unrelated to Fasthosts?

We have over 100 sites with FastHosts and we hate them.

Since the point of no return, where we had too many sites to move, we have felt like prisoners.

Their servers are periodically awful and they never accept any responsibility for the poor performance, even when it lasts for months. Almost everything about them fails at one time or another and they wear you down, with idiotic support, until you give up complaining.

As shown by this mess, they regard every customers as of little value and you can take it or leave it.

Don't be tempted by their reasonable prices, as they will cost you your sanity and business, in the long run.

We are desperate for an easy way to leave them and won't touch 1and1 by their shared ownership.

Lucky you, Stuart. I've just updated my acrd and account before all this blew up.

I did change all the passwords FH still reset them all.

Actually got a phone call from Sales after sending them an email about a question for a reseller package. To my amazement they actually phoned me but where stunned that I was already a customer. Debatable now!!

They gave me a password over the phone no confirmation who I was or account number. ***king amazing. Another security breach!!

GUESS what the password doesn't work and I still cant get to my web sites. Ahhhh

Recommend cancelling Credit Card which is associated with them. Due to the fact the security breach isn't fixed, they send letters to unverified addresses, they gave me a password over the phone without authentication. Plus they havent even attempted to send an email stating that they will not be charging us a few months service because of the trouble they have caused.

Just leave these bunch of ****s

Move once you get access.

We changed all our passwords & asked our customers to do the same back when the first breach came to light.

Our phone hasn't stopped ringing with our own customers asking what is going on & we cannot help most of them till RM deliver a letter with our MASTER PASSWORD & I bet it hasn't randomly generated either

We have access to the Control Panel & managed to reset all our FTP passwords but database & stats are inaccessible.

We are looking to move all 300 websites & domains over to Heart Internet run by the guys behind 123-reg & WebFusion before they sold it.

Fasthosts system status:

Open: Control Panel / Database access

Customers may find they are unable to log into their control panels, or access their databases. All customers affected will be emailed shortly with further information and instructions. We apologise if you have not received this email yet and thank you for your patience. If you have your control panel access password you should change the database access passwords for any database connections that are failing. You will also need to update your website code with the database password you have set.

I've just written to Internet United to complain and to remark they've managing a dead walking brand. I don't care of Police excuses, they are doing bigfoot policy for customer relationship. Why don't they ask for cutting off the whole Internet without notice?

If someone is interested (I see someone is) in asking for damages just step on,

write to the owners you too. http://www.united-internet.de/

we'll do a legal action.

As only a small user of FH, I do sympathise with you guys who have multiple accounts. I only have 3 accounts, but inherited a 4th from an association I am a member of and they are fuming! I Passed a link to here and it seems like the committee believe me and are now going to discuss about leaving FH.

I think that FH may have to start looking for many more customers to be the #1 web host in the UK.

...as the Postie delivers (yeah, right) everyone's passwords on Monday. Fasthosts customer sites grind to a halt as we log in, change passwords, commence site downloads for safety and in preparation for the move...

I wonder how many of our customers we will never see again as they have been forced to find alternatives? A few less than Fasthosts methinks.

Just about to sign up with a US site, AdvancedNetworkHosts. Anyone had experience of US-hosted sites?

Is this the only site where this is being discussed? Have Fasthosts "got away with it" publicity-wise?

After the last fiasco, I took my 300+ domains and moved them away. It was a huge undertaking, monumental amounts of work involved, which I am so glad I undertook now as this weekend I have not had to apologise to each and every one of my customers and explain to them once again how to change all of their passwords. I am with 1 & 1 using dedicated servers (don't touch the shared hosting), and we are OK (never want to tempt fate). To you guys saying how you will move, and to the guy think 100 domains is a lot to shift, to the guys talking of moving, move, you will be glad you did, to the guy with 100 domains, move, you will be glad you did, it will save you a lot of ball ache in the future, and to be honest, even without all of these fiascos, fasthosts really is quite crap all of the time with slow conenctions, poor technical support and no interest in their customers. We have spent more than £15,000 with fasthosts during our time with them, and we were treated completely unsympathetically. We were told that we should change passwords as a matter of course, and that they were essentially doing us a favour with the last fiasco, and then that we should bear the cost of doing all of this and include this in our costs as a reseller. Well I have left, and I am glad that I did not lose this weekend out of my life, and instead managed to have a few beers, see some friends, get to the cinema, play at home on the Xbox, spend some time with my family, and even find the time to type out this message and check in on your poor long suffering fools still with Fasthosts. Take my advice, no matter how much work is involved in leaving, it will be worth it (if you go the right place). Good luck to you all

I can just see it now:

Fasthost Accounting: oh look, our quarter looks like it might be a bit slow this year, we need to boost income before the end of the year...

Fasthost Manager: Let's chop off access to our customers and force them to call a pay-per-minute phone line to get things fixed. That should boost profits a bit.

I'm betting Fasthost has a really good quarter ending in December, probably thanks to a sudden increase in support phone calls and people willing to wait hours in order to stay in business.

Lovely company. I'm so glad I'm not their customer. Nor will I ever be.

.. or will this be another example of someting being "in the mail", yet never arrives.

Monday morning, post has arrived - password has NOT! As it happens, I'm driving up to Cheltenham tomorrow. Fasthosts are in Gloucester are they not? Assuming (can anyone confirm this?) their support team is located there, I shall be making a personal visit to get my password issues resolved. I will be taking my video camera with me and if I get a sniff of anything other than "certainly Sir, we apologise for the inconvenience. Your new passwords are xxxx." then my next stop w