Account suspended — full Trust & Safety response posted 22+ hours ago, no reply (ticket SFO-26LUX)
Hi r/vultr,
Posting here because I've exhausted the
in-dashboard channels and could really use help
getting eyes on my ticket.
The situation:
My entire account (4 instances) was suspended
yesterday after one of my instances
(`207.148.114.25`, Tokyo) was compromised during
initial provisioning — the attacker used it to
run outbound port-scans on Indian Elasticsearch
hosts (the abuse signature in the report).
What I've already done:
- The compromised Tokyo instance was destroyed
two days ago
- On all surviving instances I've enforced SSH
key-only authentication
(`PermitRootLogin prohibit-password`,
`PasswordAuthentication no`), installed fail2ban
with an aggressive sshd jail, and set ufw to
default-deny
- 22 hours ago I posted a detailed reply to
ticket **SFO-26LUX** addressing all four of
Trust & Safety's questions in depth, with
concrete remediation evidence and commitments to
enable Vultr's network firewall and automatic
backups on reinstatement
- I followed up politely twice asking if any
further info is needed
- I'm at clinical@diagnify.ai, account based in
Australia
Why I'm asking for help:
The suspended instances host clinical
decision-support services for medical and legal
practitioners. Real clinicians try to access
patient case files and find them offline. Phone
support (1-833-471-7100) isn't connecting for
me. I'm not asking to bypass review — just
hoping someone from the Vultr team here can flag
the ticket to be picked up.
Happy to provide any additional detail directly
to T&S. The remediation is complete and I take
this seriously; leaving default password-SSH on
during provisioning was on me and won't recur.
Thank you for any help.