New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
For?
Guys: If this gets derailed, the thread gets locked. Keep that in mind.
Let's keep this on topic since it's a rather serious matter that has wider impications beyond just Cloudie itself, it would seem.
Email suggests that the original breach may have occurred from module(s) provided by https://www.whmcsservices.com/ or https://whmcsglobalservices.com/ ?
WHMCSServices was mentioned previously both here in an a thread from the 17th or 18th on LET, since it appeared to be a supply chain attack where they were hacked, and the hackers then sent an email with a file link to 'update' a module used which was what allowed access to other user's WHMCS. Is that correct?
This is the first I'm hearing of WHMCSGlobalServices being in the mix of blame, can anyone confirm?
Can u plz tell me if the hacker can use stored credit card numbers in any way & what kind of partial cc numbers are stored? I dont have experience with stripe backend yet, so dont know how much of the cc data is leaked per customer and if a person shud be concerned.
Anyone else? Is this related or just unlucky timing?
Only last 4 digits of credit card number are stored. Other credit card details are stored through Stripe and cannot be accessed. The hacker could have refunded or charged credit cards with Stripe through the billing system, but it doesn't look like that happened. There would be no benefit to the hacker, the money would just have gone to Cloudie/the hosting provider and would not be able to be withdrawn.
The last 4 digits can't really be used for much by itself, but maybe it could be used in social engineering attacks to other companies.
Damn, I remember a different Perry.
Just answer that you are not looking for Job but Prostitutes instead
LEB was a nice, informative place when our beloved LEA owned it. LET was established as extension of LEB back then because the comment section under LEB posts wasn't enough once the community grew.
Everything changed when this idiot @Chief inherited LEB/LET from LEA and secretly sold it to Jon Bilbo and they made it via Marteen's paid posts ColoCrossing hosts's advertising space. Those greedy bastards ruined it.
And now's just a random billboard without any direction or purpose anyway.
I don't think this newb is the right person for those questions
Yes, Anthony is still around and manage Inception Hosting under the ownership of Clouvider. But he's not in the leadership of LES anymore. He gave it to Mason to manage it and he does not post much lately.
just could not resist this one.
That's way before my time. At least i think so. I stumbled upon LET (via LEB i guess? - there is hardly any memory left but it probably must have been this way) pretty early when there was little of anything going on in the forum and lurked randomly but didn't really noticed how it was kind of a household name until way, way later. If LEA was still active when i first dropped by will probably forever stay a mystery as i hardly remember anything from back then. My brain is really just some worn out fishnet in a lot of ways nowadays...
Yeah, that part i know pretty well, up until the @AnthonySmith era, which is were i kinda lost track.
Well, i guess that really started when CC got directly involved. I mean CC employees/JB would show up now and then before also but they were really more of some elusive figures that needed to be summoned when config changes were desired but usually did only actually materialize after extended periods of uncertainty if anything would happen at all.
It seems I dodged this bullet because I was not a customer of this provider.
My regrets are with all the honest customers who got caught by hackers.
So, anyway, how is your paper on Cyber Security going? Didn't you write your Bachelor's about this kind of topic? Will you put it on JSTOR or the like?
Who has suffered molestation as a result of this incident?
Appreciated! Say, do you also have a coke or something?
Some of the victims will likely stay mute since the database is circulating among members of these forums.
Molest... what?!! Do you mean victimization?
Everyone can find my ASN on my website.
Everyone can grep my ASN in the database and find my email and street address.
Or they can just go to RIPE WHOIS and find the same information.
The street address is my office address.
We have 24/7 security guards, with guns and tasers, at each gate.
We don't have dogs, but there are many deers roaming around the office building.
I only enter my residential address if physical goods are to be shipped to me.
Go hack Target Corporation if you want my residential address.
We don't accept mail from Shit Express and similar merchants.
Damn, running a hosting company is nothing short of constant nightmares.
And apparently being a client of one too
Of all the things I've done in my entire life, running a hosting company has probably been the closest I've come to being killed. This includes my state-sponsored vacation to Fallujah.
I like crunchbits response.
Change your passwords, don’t sign up with a ton of personal info, standard hacker event.
Like many other scams this is just extortion as usual.
OP has received victimisation
Why was op banned?
Also would like to know the answer to this question.
Alt of a banned user, @treesmokah. The guy is previously banned for a very long list of infractions and is toxic.
There is no issue with this thread and as of now it will remain open.
This thread should have new title:
PSA: user data leaked due to WHMCS vulnerability