Thirty nine hosting providers including Brisbane based company Chombo have had what appears to be login details to the WHMCS billing and client management system publicly disclosed.
The anonymous dump affected 40 providers around the world, many based in the United States.
The post did not say how the log in details were obtained.
SC understands other companies not named in the release were compromised through a vulnerability in WHMCS that had been patched, but not applied by the victims.
A Norwegian website named in the hacked was also defaced - twice.
_(5).jpg&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
iTnews Benchmark Security Awards 2025
Digital Leadership Day Federal
Government Cyber Security Showcase Federal
Government Innovation Showcase Federal
Digital NSW 2025 Showcase
_(1).jpg&h=140&w=231&c=1&s=0)
