WHMCS, a client management company has been hacked. 1.7GB of data was stolen.
The data leak comprises 500,000 usernames, passwords, IP addresses and in some instances credit card details.
As I keep saying: the only financial information that would be stored in the company database when you pay via bitcoin is a magic number that would allow the attacker to pay your bill for you. There is no equivalent of “credit card detailsâ€. The only number that can be used to spend your money is known to you and you alone (or some form of bitcoin “bank†that you can use at your option).
Breaking into a large supplier and stealing customer information would not net you any useful financial information whatsoever. Admittedly, the hacker might be able to steal from the supplier — but that is definitely the supplier’s problem and not yours. The incentives lie where they should: the supplier is the one that loses out if their security is inadequate, not the customer.