标题: Warning WHMCS.com website hack, security precautions inside [打印本页] 作者: Captain 时间: 2012-5-22 04:51 标题: Warning WHMCS.com website hack, security precautions inside We are writing to advise you about an incident that occurred earlier today (May 21st, 2012) at WHMCS. It appears that their servers have been compromised, including the licensing servers and ticket system. The hackers are claiming that they will shortly be publishing a dump of WHMCS’s database to the public.
At this time, we are strongly advising all users to change passwords, that were used at WHMCS.com, on all other sites, as well as any server-related (FTP, SSH, etc.) credentials that you may have sent to WHMCS in a support ticket in the past. We also strongly advise that you monitor any billing methods that may currently be on file with WHMCS, this includes credit cards that we would suggest are cancelled as soon as possible.
WHMCS is currently claiming that the hack has nothing to do with WHMCS itself. We are unable to confirm the extent of the attack and what information may be at risk at the current time. We strongly advise that you take extreme precautions immediately to prevent any possible consequences.
I want to personally reassure you that LicensePal and the information that we hold is unaffected by this hack. If you have purchased your license directly through us, then you should not have to worry about your billing information. However, please be aware that your personal information would also be stored in their database.
If your license is presently reporting as invalid, please allow some time for WHMCS to get all of their licensing servers back online and functional. They are reporting updates at the following site. http://forum.whmcs.com/showthread.php?p=223398#post223398
If you have any questions or concerns, please open a ticket and we will address it for you to the best of our ability.
作者: MySQL 时间: 2012-5-22 04:52
提示: 作者被禁止或删除 内容自动屏蔽作者: domin 时间: 2012-5-22 04:56
看来还是ubersmith算了...作者: Qpuer 时间: 2012-5-22 05:33
烦死了,整天要改密码作者: 葫芦娃 时间: 2012-5-22 06:41
Hmm.. I aint paying my next invoice with them!
Unfortunately today we were the victim of a malicious social engineering attack which has resulted in our server being accessed, and our database being compromised.
To clarify, this was no hack of the WHMCS software itself, nor a hack of our server. It was through social engineering that the login details were obtained.
As a result of this, we recommend that everybody change any passwords that they have ever used for our client area, or provided via support ticket to us, immediately.
Regrettably as this was our billing system database, if you pay us by credit card (excluding PayPal) then your card details may also be at risk.
This is just a very brief email to alert you of the situation, as we are currently working very hard to ensure everything is back online & functioning correctly, and I will be writing to you again shortly.
We would like to offer our sincere apologies for any inconvenience caused. We appreciate your support, now more than ever in this challenging time.
