WHMCS Breach May Be Only Tip of the Trouble
A recent breach at billing and support software provider WHMCS that exposed a half million customer usernames, passwords and in some cases credit cards may turn out to be the least of the companys worries. According to information obtained by KrebsOnSecurity.com, for the past four months hackers have been selling an exclusive zero-day flaw that they claim lets intruders break into Web hosting firms that rely on the software.
WHMCS is a suite of billing and support software used mainly by Web hosting providers. Following an extended period of downtime on Monday, the privately-owned British software firm disclosed that hackers had broken in and stolen 1.7 gigabytes worth of customer data, and deleted a backlog of orders, tickets and other files from the firms server.
The companys... [via Security Bloggers Network]