Client management billing platform provider says its hosting provider was breached
Client management billing platform WHMCS last week notified customers that hacker group UGNazi fooled its Web hosting firm into providing the hackers with administrative credentials.
The hackers stole the data, deleted it from the hosting provider's systems, and then posted it on the Web.
UGNazi also gained access to WHMCS’s Twitter account, which it used to publicize a series of posts on Pastebin that contained links to locations from which the billing firm’s customer records and other sensitive data might be downloaded. A total of 500,000 records, including customer credit card details, were leaked as a result of the hack, according to news reports.
WHMCS developer Matt Pugh wrote in a blog post: "The person was able to impersonate myself with our Web hosting company, and provide correct answers to their verification questions. And thereby gain access to our client account with the host, and ultimately change the email and then request a mailing of the access details.
"This means that there was no actual hacking of our server. They were ultimately given the access details. This is obviously a terrible situation, and very unfortunate, but rest assured that this was no issue or vulnerability with the WHMCS software itself."
UGNazi compounded the problem by launching a large-scale distributed denial-of-service attack that froze WHMCS's Web servers.