Capital One 360 apologized for shutting my site down without warning or cause via e-mail today:
Jon, I’d like to apologize for our recent actions regarding your website. Customer security is our number one priority, and it is not something that we take lightly. One of your readers and one of our vigilant Customers alerted us to what he felt may have been a phishing scam. When presented with security concerns — such as a possible phishing scam– that may affect Customers’ personal information, we act swiftly and decisively to protect them. In the case with your site, we may have acted too quickly. After further review, we immediately reversed course and resolved the situation. We’re sorry for the inconvenience it caused you and your community, and we are working to make sure this type of situation doesn’t occur again.
Thanks for being a valued partner of Capital One 360. We look forward to continuing our successful partnership.
Sincerely
Robert Weaver
Head of IT Security
Capital One 360
I suppose that is something. I only wish it could have been “When presented with security concerns, we actually visit your site and verify the accusation before hiring a large security firm to scare your web host into shutting down your revenue-generating website.” I also disagree with “immediately reversed course” because only after my begging my hosting provider was my site brought back online and given 12 hours to comply to the demands.
Oh, and here’s the long, scary e-mail that was sent from RSA Security yesterday morning (after the jump). I think you’ll agree it was very accusatory and pretty offensive. They even demanded an entire download of all the contents of my site and server.