Dear All,
The company that makes the WHMCS Portal Software was hacked / attacked. Apparently all of their client's data was downloaded and has now been posted to the Internet. The posting of the data has been verified by several of their users.
My understanding is it was a Social Engineering Attack. Apparently someone was able to call into the hosting company and by using the Challenge Questions was able to get the Emails for the account redirected to a non authorized email address. Once this was done the hacker was able to reset passwords. Once the passwords were reset they were able to log in and take control of the website and all databases.
For those of you that use Social Media (SM) a lot (just another reason I do not like SM), you must be very careful about what data about you, your family, friends, business, and all other information you post on the various SM Networks. Someone can be very meticulous and mine the data, and then use it against you.
I would take a minute or two and think about what you have on the SM Networks and cross reference that against any security questions, passwords, and all things even remotely related to security.
Statement from Matt:
http://forum.whmcs.com/showthread.ph...398#post223398
Forum Discussion:
http://forum.whmcs.com/showthread.ph...354#post223354
The company that makes the WHMCS Portal Software was hacked / attacked. Apparently all of their client's data was downloaded and has now been posted to the Internet. The posting of the data has been verified by several of their users.
My understanding is it was a Social Engineering Attack. Apparently someone was able to call into the hosting company and by using the Challenge Questions was able to get the Emails for the account redirected to a non authorized email address. Once this was done the hacker was able to reset passwords. Once the passwords were reset they were able to log in and take control of the website and all databases.
For those of you that use Social Media (SM) a lot (just another reason I do not like SM), you must be very careful about what data about you, your family, friends, business, and all other information you post on the various SM Networks. Someone can be very meticulous and mine the data, and then use it against you.
I would take a minute or two and think about what you have on the SM Networks and cross reference that against any security questions, passwords, and all things even remotely related to security.
Statement from Matt:
http://forum.whmcs.com/showthread.ph...398#post223398
Forum Discussion:
http://forum.whmcs.com/showthread.ph...354#post223354
Comment