cPanel notifies customers of possible user database breach
cPanel, the firm behing the popular eponymous web hosting administration and control software, has suffered a breach over the weekend.
According to a notice posted online and sent to potentially affected customers, the company “successfully interrupted the breach,” but there’s a chance the attackers made off with customer information housed in one of their user databases.
“The customer contact information that may have been susceptible is limited to names, contact information, and encrypted (and salted) passwords,” they explained, and added that the customers’ credit card information was not compromised as it is stored in a separate system.
Aaron Stone, the company’ Director of Internal Development, said that they will soon be upgrading their password encryption anyways, and customers will now be forced to change their passwords.
They are directed to visit the cPanel Store login page and click the forgot password link.
Just to be clear, the customers’ cPanel installations are safe – it’s their accounts for the cPanel Store that might be affected.