Login

Ashley · 22.05.2012, 02:46

Hey guys,

I just thought I'd let you know, in-case you haven't already noticed. WHMCS's websites, database and systems were hacked into today, all of the data including passwords, credit cards etc are all available on the internet.

I'd advise anybody, who has ordered with WHMCS or an account, to change ALL passwords you use, and cancel, and report all of your credit/debit cards for fraud to your Bank. I'd also advise checking your direct debits and standing orders every few days.. just in-case any fraudulent ones have been set-up.

If you have given them FTP/secure information through support tickets or emails with them in the past, change them details also.

Further statement has been released by WHMCS, but no official email sent out to notify clients.. everybody is finding out by a third-party.. so here's your warning!

http://forum.whmcs.com/showthread.ph...ewpost&t=47660

Stay safe,
Ashley.

Abbott · 22.05.2012, 04:20

I am honestly not bothered at all, I feel for the people who have their credit card payments with them though. The worst they can do is send me mail to the company PO box.

EDIT:
didn't realize they released the files for public DL.....

I don't understand why they were using cPanel.

Smithy · 22.05.2012, 08:51

There's no proof showing a public download of all files is there? They stated that the passwords and credentials should be secured?

Ashley · 22.05.2012, 11:29

Yes there is, if you know the correct places to look, as I've proved to myself this morning when I downloaded my credit card details.

The credit cards and passwords are are encrypted, but with the hash to decrypt them in the config files, which where also released, it is possible.

MP2 · 22.05.2012, 12:27

I used PayPal to pay kingj, so I assume I'm safe?

Smithy · 22.05.2012, 12:35

Following an initial investigation I can report that what occurred today was the result of a social engineering attack.

The person was able to impersonate myself with our web hosting company, and provide correct answers to their verification questions. And thereby gain access to our client account with the host, and ultimately change the email and then request a mailing of the access details.

This means that there was no actual hacking of our server. They were ultimately given the access details.

This is obviously a terrible situation, and very unfortunate, but rest assured that this was no issue or vulnerability with the WHMCS software itself.

We are immediately reviewing all of our hosting arrangements, and will be migrating to a new setup at the earliest opportunity.

I would like to take this opportunity to thank all of you who have sent in messages of support, and offers of help. It has clearly been a very stressful time, and I thank everyone both personally and on behalf of WHMCS for their loyalty and support.

The matter is now in the hands of the FBI.

MP2 · 22.05.2012, 12:43

Use quote tags to avoid confusion please.

Ashley · 22.05.2012, 13:00

You don't understand why they where using cPanel? What else are they supposed to use.

@mike, yes you're credit cards are safe either way, you wasn't a customer of whmcs.

@harold, that's a pointless statement Matt Pugh made, if the FBI where involved, their cyber crime task force would have removed them files instantly.

WHMCS screwed up big time,they chose profit over security. Seriously, a dedicated server with host gator, it was bound to happen.

Sent from my iPad.

~~Calgon~~ · 22.05.2012, 18:35

Quote: