As someone who has been a very happy and loyal Linode customer for a long time now, this whole situation paints an image of Linode I otherwise would never have thought. The fact they apparently had both the private and public keys for the credit card hashes in the same location as one another is beyond belief. The very fact that Linode failed to mention they made a deal with the attackers and then reneged on it all without telling anyone makes me sick. I don't want to bash Linode purely because everyone else is, I am legitimately concerned here that my personal details have been compromised.
I thought Linode was different but based on their lack of transparency in this matter, I'm seriously considering just moving all of my sites to DigitalOcean, Rackspace or even AWS instead. This makes me wonder who originally cleared them for PCI compliance in the first place. This is a huge violation of trust and now I've got to keep my eyes focused on my credit card statement for fraudulent transactions, the bank I am with ANZ however has great fraud detection systems and considering I'm in Australia any transaction should be easily reversible, but the fact there is a possibility my card could be fraudulently used saddens me.
Linode needs to come clean about this situation now.
I thought Linode was different but based on their lack of transparency in this matter, I'm seriously considering just moving all of my sites to DigitalOcean, Rackspace or even AWS instead. This makes me wonder who originally cleared them for PCI compliance in the first place. This is a huge violation of trust and now I've got to keep my eyes focused on my credit card statement for fraudulent transactions, the bank I am with ANZ however has great fraud detection systems and considering I'm in Australia any transaction should be easily reversible, but the fact there is a possibility my card could be fraudulently used saddens me.
Linode needs to come clean about this situation now.