This announcement is in response to this email we received from the Cpanel Team
The small number of servers who we have contacted the Cpanel Team about in the past 6 months are having their root passwords reset by us and clients will be contacted.
Everyone else - if we do not contact you this morning then you are not affected by this but we still recommend you have procedures in place to regularly change your root level password. If you have had the same root password for any time at all please change it now. Remember your root password gives full access to your entire server. If you are not familiar with linux you can change your root password in Web Host Manager using the 'Change Root Password' link. Please make sure any new password is very secure and we recommend you use this website.
http://strongpasswordgenerator.com/
From: no-reply@cpanel.net
Date: February 21, 2013, 7:46:48 PM EST
Subject: Important Security Alert (Action Required)
Salutations,
You are receiving this email because you have opened a ticket with our support staff in the last 6 months. cPanel, Inc. has discovered that one of the servers we utilize in the technical support department has been compromised. While we do not know if your machine is affected, you should change your root level password if you are not already using ssh keys. If you are using an unprivileged account with "sudo" or "su" for root logins, we recommend you change the account password. Even if you are using ssh keys we still recommend rotating keys on a regular basis.
As we do not know the exact nature of this compromise we are asking for customers to take immediate action on their own servers. cPanel's security team is continuing to investigate the nature of this security issue.
--cPanel Security Team
