Jump to content
TiVaHost

TH Data Breach Notifications

Recommended Posts

Online security is serious business. Every year millions of people have their personal information leaked online. Sometimes breaches occur because of poor security measures in place on the websites people register on, and other times breaches occur because hackers target a specific company.

 

Even the largest companies and websites, where we expect our data is safe, are not safe from data breaches. MySpace, LinkedIn, Adobe, Dropbox, Tumblr, Sony, Snapchat, Yahoo, and hundreds of other websites have all been breached. Even website like Domino's Pizza and Acne.org, unlikely hacking targets, have had data breaches occur. The fact is that data breaches are something we all need to be concerned about, and many people have already had their data breached and leaked online without their knowledge.

 

One of the biggest concerns with data breaches is that many people reuse the same password for many different online services. Some estimates put the number of users that reuse passwords at 50%-55%.

 

As hosting and online service providers we all play an important role in protecting the security of our customers by keeping their data safe, and preventing unauthorized access to the data on our servers.

 

However since over 50% of people reuse the same password there's a very good chance that some of your customers are using passwords with you that have already been leaked online as part of a data breach from another website. No matter how much security you put in place, if an attacker has the user's password, there's nothing you can do to stop them from accessing the user's account on your servers without authorization.

 

Our TH Data Breach Notifications for WHMCS module adds an additional layer of protection for your users by comparing their e-mail address with over 3 billion breached accounts. If your customer's e-mail address was found in a breach the customer is notified through your Client Area and/or an e-mail notification about the breach, including information about the type of data that was included in the breach. So your customers will know what website the information was breached from (Adobe, LinkedIn, etc), as well as what kinds of information were included in the breach (e-mail addresses, passwords, phone numbers, etc). By notifying your customers of data breaches you give them the opportunity to change their passwords on your website, and others, if they reuse the same password for multiple sites. This can help keep their account, and data on your sever, secure.

 

TH Data Breach Notifications for WHMCS also contains personalized recommendations for your customers if they have been found in an online data breach. The module looks at the type of information contained in the breaches, like e-mail addresses, phone numbers, passwords, etc, and provides some advice and tips on how the user can best protect themselves, and if there are any actions they should take.

 

Since most people do not know when their data has been breached online providing this information to them in a meaningful way, like through our TH Data Breach Notifications for WHMCS module, could help improve your customer relationships. We use this module on our own site, for our own customers, and our experience so far has been that customers appreciate being informed when their data has been leaked online. Most of them had no idea their data was included in a breach.

 

The module also re-checks each account on a regular basis, so it can detect and notify your customers of any new breaches they are found in as well. Let's work together to make the internet a safer place, and keep our customers informed about their online safety.

 

Search Over 3 BILLION Breached Accounts

 

This module searches breaches from over 200 websites and more than 3,853,560,010 breached accounts. The matching is all done via an API using your customer's e-mail address. This module will simply supply the e-mail address of each of your customers to the API over a secure connection, and if the e-mail address has been found in any data breaches the API will return the breach information for the customer to view and take corrective action.

 

Client Area Notifications

 

When Client Area Notifications have been enabled customers will be notified of new breaches when they log in to your Client Area. Notifications are shown on the Client Area homepage, as well as in the "Notifications" area. Both contain a link to the full breach report.

 

E-mail Notifications

 

Customers can be notified of new breaches by e-mail when the E-mail Notification option is enabled. The e-mail report uses your standard e-mail header and footer, and can be customized through the E-mail Templates page in WHMCS. E-mail reports sent through this module are also logged under the "Emails" tab of the user's profile, as well as in the E-mail message Log, like all e-mails sent via WHMCS.

 

E-mail reports alert the customer that they have been found in a breach, and provide a summary of the breach. A link is provided in the e-mail that takes the customer to the full breach report in your Client Area.

 

Personalized Recommendations

 

This module provides personalized recommendations to each customer. Based on the breaches that a customer has been found in, and the types of data contained in those breaches, the recommendations page will contain some tips and information about actions the customer can take to protect themselves.

 

Easily Translatable

 

All of the customer-facing text can be configured to suit your needs. The Client Area pages can be configured by modifying the template file included with this module, and the text shown in the e-mail notifications can be configured through the WHMCS "Email Templates" page.

 

Screenshots/Pricing/Purchase

 

For screenshots, information on pricing, or to purchase this module, please visit https://www.tivahost.com/software/whmcs/th-data-breach-notifications.php

Share this post


Link to post
Share on other sites

Got this thinking it would be a good addition to my services offered, but in a month i have got several emails as below

 

'Subject: Cron <********@westfold> php -f /home/********/public_html/*******/modules/addons/th_data_breach_notifications/cron.php

Date: Wed, 13 Sep 2017 07:40:32 +0100

From: Cron Daemon [email protected]***********

To: *************************

License Error'

 

so opened yet another ticket with them as clearly they have a issue with their licence server. not even used this for a month and all these issues

Share this post


Link to post
Share on other sites
Got this thinking it would be a good addition to my services offered, but in a month i have got several emails as below

 

'Subject: Cron <********@westfold> php -f /home/********/public_html/*******/modules/addons/th_data_breach_notifications/cron.php

Date: Wed, 13 Sep 2017 07:40:32 +0100

From: Cron Daemon [email protected]***********

To: *************************

License Error'

 

so opened yet another ticket with them as clearly they have a issue with their licence server. not even used this for a month and all these issues

 

We just replied to your recent ticket, which is only the second ticket you have opened regarding this issue.

 

As part of your first ticket we identified an issue, corrected it, and released an updated version of the module.

 

Last night we experienced some network issues that could have prevented the module from reaching the licensing server. These network issues were beyond on control, and lasted for approximately 2.5 - 3 hours, after which things returned to normal.

 

We are always willing to work with our customers to diagnose and correct any issues that are found. It wouldn't make much business sense for us to be selling modules that contain bugs, and be unwilling to fix them.

 

Prior to release we run the modules on our own server for several weeks, and also have some beta testers that also test and provide feedback on the modules, in exchange for getting to use the module for free for one year. Since the beta testers also use the modules themselves they are generally pretty good at providing feedback and identifying issues.

 

We have not had any significant issues with this module. However, that being said, this module is being updated anyways, as we have made a few changes to it recently, and part of those changes is a more streamlined way of doing license checks. I'm confident that these changes will resolve any licensing errors you may experience.

 

When we release a module update we contact all of the customers that we have using that module to let them know.

 

The updated version has been in testing for a few weeks now, and the current plan was to have is ready for release by the end of this week. However, since there haven't been any major problems with this release I'll see if we can push that up to later today or tomorrow.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

By using this site, you agree to our Terms of Use & Guidelines