New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
So wait, isn't WHMCS the guys that would rage on you if you wanted to store your CC's within your own DB because it violated xyz laws or you needed heavy PCI compliance?
Francisco
AFAIK it (PCI compliance) is not an US thing. It is Visa/Mastercard requirement. They are the ones who fine you.
Exactly. That is why I don't run credit cards through my WHMCS and only do them through a 3rd party like WHMCS or 2co.
I stand corrected, I thought wrong.
Correct.
My bad, then. I knew it was controlled by a conglomerate of credit card companies, but I thought they kept it within US borders.
Anyone else wants to add to this/confirm?
Well this depends very much on your country's legislation.
However even if its illegal to download/view it i don't think anybody who doesn't abuse the data would get in trouble for it.
Well, I don't think it would hurt just to check what data of yours in there. Thats the reason I downloaded it.
So did anyone actually try to login?
I'm a client, do I need to jump in and "check" things? Or is it "just fine"?
I have a quick question, I quickly skimmed through the 9 pages of this topic and didn't see an answer, I had a WHMCS license through LicensePal, canceled it quite awhile ago. So since I paid at LicensePal, WHMCS doesn't have my credit card details, right?
If you tell me what to look for i can check it for you
Correct. You're credit card is safe.
... untill they get social engineered through their hosting provider....
I think your meaning safe, if LicensePal was giving out CC info to WHMCS that would be worrying.
Who says it's stolen? It may well be "public" found somewhere, which they CAN use in an investigation.
When will WHMCS get control of their twitter again ;(
So, who's willing to hack ugnazi? :P
That would be stooping to their level
Not like pulling the leaked database to look up financial figures and personal information on other people, right? -_-;
Hahaha good point
A new WHMCS exploit scanner is being passed around IRC now. It checks for exploits on every single IP listed as active in the database. It's not that bad now (unless you never update WHMCS), but this is going to make future exploits a bad thing. It's not like most people are going to change their server IP just to protect themselves.
Phewww I just moved my WHMCS server today (unrelated to the hacking) Perfect day for this to happen!
What shady IRC networks are you on?
You can find anything on Freenode, Captain.
If you're trying to quote Urza from old gammanet, it goes "You can find anything on Freenode, pal. Anything but dignity."
Unfortunately our whmcs license is now invalid because of this and we can't get in to our billing syetem.....
Time to create our own.
where did you all get the client's address from the database? all i see are a bunch of license and domain names .
All the client details are in the sql dump.