{"id":49159,"date":"2026-07-14T04:21:55","date_gmt":"2026-07-14T04:21:55","guid":{"rendered":"https:\/\/speedinet.co.za\/?p=49159"},"modified":"2026-07-14T04:21:55","modified_gmt":"2026-07-14T04:21:55","slug":"blesta-hacked-ransom-gang-threatens-to-leak-customer-details-tomorrow","status":"publish","type":"post","link":"https:\/\/speedinet.co.za\/?p=49159","title":{"rendered":"Blesta Hacked \u2013 Ransom Gang Threatens to Leak Customer Details Tomorrow"},"content":{"rendered":"<div>\n<div class=\"simplesocialbuttons simplesocial-simple-icons simplesocialbuttons_inline simplesocialbuttons-align-left post-52905 post  simplesocialbuttons-inline-no-animation\">\n\t\t<button class=\"ssb_fbshare-icon\" rel=\"nofollow\" target=\"_blank\" aria-label=\"Facebook Share\" data-href=\"https:\/\/www.facebook.com\/sharer\/sharer.php?u=https:\/\/lowendbox.com\/blog\/blesta-hacked-ransom-gang-threatens-to-leak-customer-details-tomorrow\/\" onclick=\"javascript:window.open(this.dataset.href, '', 'menubar=no,toolbar=no,resizable=yes,scrollbars=yes,height=600,width=600');return false;\"><br \/>\n\t\t\t\t\t\t<span class=\"icon\"><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewbox=\"0 0 16 16\" class=\"_1pbq\" color=\"#ffffff\"><path fill=\"#ffffff\" fill-rule=\"evenodd\" class=\"icon\" d=\"M8 14H3.667C2.733 13.9 2 13.167 2 12.233V3.667A1.65 1.65 0 0 1 3.667 2h8.666A1.65 1.65 0 0 1 14 3.667v8.566c0 .934-.733 1.667-1.667 1.767H10v-3.967h1.3l.7-2.066h-2V6.933c0-.466.167-.9.867-.9H12v-1.8c.033 0-.933-.266-1.533-.266-1.267 0-2.434.7-2.467 2.133v1.867H6v2.066h2V14z\"><\/path><\/svg><\/span><br \/>\n\t\t\t\t\t\t<span class=\"simplesocialtxt\">Share <\/span> <\/button><br \/>\n<button class=\"ssb_tweet-icon\" rel=\"nofollow\" target=\"_blank\" aria-label=\"Twitter Share\" data-href=\"https:\/\/twitter.com\/intent\/tweet?text=Blesta+Hacked+%E2%80%93+Ransom+Gang+Threatens+to+Leak+Customer+Details+Tomorrow&amp;url=https:\/\/lowendbox.com\/blog\/blesta-hacked-ransom-gang-threatens-to-leak-customer-details-tomorrow\/&amp;via=LowEndNetwork\" onclick=\"javascript:window.open(this.dataset.href, '', 'menubar=no,toolbar=no,resizable=yes,scrollbars=yes,height=600,width=600');return false;\"><br \/>\n\t\t\t\t\t\t<span class=\"icon\"><svg viewbox=\"0 0 16 14\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M4.9 0H0L5.782 7.7098L0.315 14H2.17L6.6416 8.8557L10.5 14H15.4L9.3744 5.9654L14.56 0H12.705L8.5148 4.8202L4.9 0ZM11.2 12.6L2.8 1.4H4.2L12.6 12.6H11.2Z\" fill=\"#fff\"><\/path><\/svg><\/span><i class=\"simplesocialtxt\">Post <\/i><\/button><br \/>\n<button class=\"ssb_linkedin-icon\" rel=\"nofollow\" target=\"_blank\" aria-label=\"LinkedIn Share\" data-href=\"https:\/\/www.linkedin.com\/sharing\/share-offsite\/?url=https:\/\/lowendbox.com\/blog\/blesta-hacked-ransom-gang-threatens-to-leak-customer-details-tomorrow\/\" onclick=\"javascript:window.open(this.dataset.href, '', 'menubar=no,toolbar=no,resizable=yes,scrollbars=yes,height=600,width=600');return false;\"><br \/>\n\t\t\t\t\t\t<span class=\"icon\"> <svg version=\"1.1\" id=\"Layer_1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" x=\"0px\" y=\"0px\" width=\"15px\" height=\"14.1px\" viewbox=\"-301.4 387.5 15 14.1\" enable-background=\"new -301.4 387.5 15 14.1\" xml:space=\"preserve\"> <g id=\"XMLID_398_\"> <path id=\"XMLID_399_\" fill=\"#FFFFFF\" d=\"M-296.2,401.6c0-3.2,0-6.3,0-9.5h0.1c1,0,2,0,2.9,0c0.1,0,0.1,0,0.1,0.1c0,0.4,0,0.8,0,1.2 c0.1-0.1,0.2-0.3,0.3-0.4c0.5-0.7,1.2-1,2.1-1.1c0.8-0.1,1.5,0,2.2,0.3c0.7,0.4,1.2,0.8,1.5,1.4c0.4,0.8,0.6,1.7,0.6,2.5 c0,1.8,0,3.6,0,5.4v0.1c-1.1,0-2.1,0-3.2,0c0-0.1,0-0.1,0-0.2c0-1.6,0-3.2,0-4.8c0-0.4,0-0.8-0.2-1.2c-0.2-0.7-0.8-1-1.6-1 c-0.8,0.1-1.3,0.5-1.6,1.2c-0.1,0.2-0.1,0.5-0.1,0.8c0,1.7,0,3.4,0,5.1c0,0.2,0,0.2-0.2,0.2c-1,0-1.9,0-2.9,0 C-296.1,401.6-296.2,401.6-296.2,401.6z\"><\/path> <path id=\"XMLID_400_\" fill=\"#FFFFFF\" d=\"M-298,401.6L-298,401.6c-1.1,0-2.1,0-3,0c-0.1,0-0.1,0-0.1-0.1c0-3.1,0-6.1,0-9.2 c0-0.1,0-0.1,0.1-0.1c1,0,2,0,2.9,0h0.1C-298,395.3-298,398.5-298,401.6z\"><\/path> <path id=\"XMLID_401_\" fill=\"#FFFFFF\" d=\"M-299.6,390.9c-0.7-0.1-1.2-0.3-1.6-0.8c-0.5-0.8-0.2-2.1,1-2.4c0.6-0.2,1.2-0.1,1.8,0.2 c0.5,0.4,0.7,0.9,0.6,1.5c-0.1,0.7-0.5,1.1-1.1,1.3C-299.1,390.8-299.4,390.8-299.6,390.9L-299.6,390.9z\"><\/path> <\/g> <\/svg> <\/span><br \/>\n\t\t\t\t\t\t<span class=\"simplesocialtxt\">Share<\/span> <\/button><br \/>\n <button class=\"ssb_reddit-icon\" rel=\"nofollow\" target=\"_blank\" aria-label=\"Reddit Share\" data-href=\"https:\/\/reddit.com\/submit?url=https:\/\/lowendbox.com\/blog\/blesta-hacked-ransom-gang-threatens-to-leak-customer-details-tomorrow\/&amp;title=Blesta+Hacked+%E2%80%93+Ransom+Gang+Threatens+to+Leak+Customer+Details+Tomorrow\" onclick=\"javascript:window.open(this.dataset.href, '', 'menubar=no,toolbar=no,resizable=yes,scrollbars=yes,height=600,width=600');return false;\"><br \/>\n\t\t\t\t\t\t<span class=\"icon\"> <svg version=\"1.1\" id=\"Capa_1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" x=\"0px\" y=\"0px\" width=\"430.117px\" height=\"430.117px\" viewbox=\"0 0 430.117 430.117\" style=\"enable-background:new 0 0 430.117 430.117;\" xml:space=\"preserve\"> <g> <path id=\"reddit\" d=\"M307.523,231.062c1.11,2.838,1.614,5.769,1.614,8.681c0,5.862-2.025,11.556-5.423,16.204 c-3.36,4.593-8.121,8.158-13.722,9.727h0.01c-0.047,0.019-0.094,0.019-0.117,0.037c-0.023,0-0.061,0.019-0.079,0.019 c-2.623,0.896-5.312,1.316-7.98,1.316c-6.254,0-12.396-2.254-17.306-6.096c-4.872-3.826-8.56-9.324-9.717-15.845h-0.01 c0-0.019,0-0.042-0.009-0.069c0-0.019,0-0.038-0.019-0.065h0.019c-0.364-1.681-0.551-3.36-0.551-5.021 c0-5.647,1.923-11.07,5.097-15.551c3.164-4.453,7.626-7.99,12.848-9.811c0.019,0,0.038-0.01,0.038-0.01 c0.027,0,0.027-0.027,0.051-0.027c2.954-1.092,6.072-1.639,9.157-1.639c5.619,0,11.154,1.704,15.821,4.821 c4.611,3.066,8.354,7.561,10.23,13.143c0.019,0.037,0.019,0.07,0.037,0.103c0,0.037,0.019,0.057,0.037,0.084H307.523z M290.329,300.349c-2.202-1.428-4.751-2.291-7.448-2.291c-2.175,0-4.434,0.621-6.445,1.955l0,0 c-19.004,11.342-41.355,17.558-63.547,17.558c-16.65,0-33.199-3.514-48.192-10.879l-0.077-0.037l-0.075-0.028 c-2.261-0.924-4.837-2.889-7.647-4.76c-1.428-0.925-2.919-1.844-4.574-2.521c-1.633-0.695-3.447-1.181-5.386-1.181 c-1.605,0-3.292,0.359-4.957,1.115c-0.086,0.033-0.168,0.065-0.252,0.098h0.009c-2.616,0.999-4.66,2.829-5.974,4.994 c-1.372,2.23-2.046,4.826-2.046,7.411c0,2.334,0.551,4.667,1.691,6.786c1.085,2.007,2.754,3.762,4.938,4.938 c21.429,14.454,46.662,21.002,71.992,20.979c22.838,0,45.814-5.287,66.27-14.911l0.107-0.065l0.103-0.056 c2.697-1.597,6.282-3.029,9.661-5.115c1.671-1.064,3.304-2.296,4.704-3.897c1.4-1.591,2.525-3.551,3.16-5.875v-0.01 c0.266-1.026,0.392-2.025,0.392-3.024c0-1.899-0.467-3.701-1.241-5.32C294.361,303.775,292.504,301.778,290.329,300.349z M139.875,265.589c0.037,0,0.086,0.014,0.128,0.037c2.735,0.999,5.554,1.493,8.345,1.493c6.963,0,13.73-2.852,18.853-7.5 c5.115-4.662,8.618-11.257,8.618-18.775c0-0.196,0-0.392-0.009-0.625c0.019-0.336,0.028-0.705,0.028-1.083 c0-7.458-3.456-14.08-8.522-18.762c-5.085-4.686-11.836-7.551-18.825-7.551c-1.867,0-3.769,0.219-5.628,0.653 c-0.028,0-0.049,0.009-0.077,0.009c0,0-0.019,0-0.028,0c-9.252,1.937-17.373,8.803-20.37,18.248l0,0v0.01 c0,0.019-0.009,0.037-0.009,0.037c-0.861,2.586-1.262,5.255-1.262,7.896c0,5.787,1.913,11.426,5.211,16.064 c3.269,4.56,7.894,8.145,13.448,9.819C139.816,265.561,139.835,265.571,139.875,265.589z M430.033,198.094v0.038 c0.066,0.94,0.084,1.878,0.084,2.81c0,10.447-3.351,20.493-8.941,29.016c-5.218,7.976-12.414,14.649-20.703,19.177 c0.532,4.158,0.84,8.349,0.84,12.526c-0.01,22.495-7.766,44.607-21.272,62.329v0.009h-0.028 c-24.969,33.216-63.313,52.804-102.031,62.684h-0.01l-0.027,0.023c-20.647,5.013-41.938,7.574-63.223,7.574 c-31.729,0-63.433-5.722-93.018-17.585l-0.009-0.028h-0.028c-30.672-12.643-59.897-32.739-77.819-62.184 c-9.642-15.71-14.935-34.141-14.935-52.659c0-4.19,0.283-8.387,0.843-12.536c-8.072-4.545-15.063-10.99-20.255-18.687 c-5.542-8.266-9.056-17.95-9.5-28.187v-0.04v-0.037v-0.082c0.009-14.337,6.237-27.918,15.915-37.932 c9.677-10.011,22.896-16.554,37.075-16.554c0.196,0,0.392,0,0.588,0c1.487-0.101,2.987-0.159,4.488-0.159 c7.122,0,14.26,1.153,21.039,3.752l0.037,0.028l0.038,0.012c5.787,2.437,11.537,5.377,16.662,9.449 c1.661-0.871,3.472-1.851,5.504-2.625c31.064-18.395,67.171-25.491,102.358-27.538c0.306-17.431,2.448-35.68,10.949-51.65 c7.08-13.269,19.369-23.599,34-27.179l0.061-0.03l0.079-0.009c5.573-1.078,11.192-1.575,16.774-1.575 c14.869,0,29.561,3.521,43.31,9.017c6.086-9.185,14.776-16.354,24.97-20.375l0.098-0.056l0.098-0.037 c5.983-1.864,12.303-2.954,18.646-2.954c6.692,0,13.437,1.223,19.756,4.046v-0.023c0.009,0.023,0.019,0.023,0.019,0.023 c0.047,0.016,0.084,0.044,0.116,0.044c9.059,3.489,16.727,9.937,22.164,17.95c5.442,8.048,8.644,17.688,8.644,27.599 c0,1.827-0.103,3.657-0.317,5.489l-0.019,0.037c0,0.028,0,0.068-0.01,0.096c-1.063,12.809-7.551,24.047-16.736,32.063 c-9.24,8.048-21.207,12.909-33.49,12.909c-1.97,0-3.958-0.11-5.937-0.374c-12.182-0.931-23.541-6.826-31.886-15.595 c-8.373-8.755-13.768-20.453-13.768-33.08c0-0.611,0.056-1.237,0.074-1.843c-11.435-5.092-23.578-9.316-35.646-9.306 c-1.746,0-3.491,0.096-5.237,0.273h-0.019c-9.035,0.871-17.436,6.566-21.506,14.757v0.009v0.028 c-6.179,12.034-7.411,26.101-7.598,40.064c34.639,2.259,69.483,10.571,100.043,28.138h0.047l0.438,0.259 c0.579,0.343,1.652,0.931,2.623,1.449c2.101-1.704,4.322-3.456,6.856-4.966c9.264-6.17,20.241-9.238,31.223-9.238 c4.872,0,9.749,0.621,14.481,1.834h0.019l0.196,0.058c0.07,0.01,0.121,0.033,0.178,0.033v0.009 c11.183,2.845,21.3,9.267,28.917,17.927c7.612,8.674,12.731,19.648,13.73,31.561v0.025H430.033z M328.002,84.733 c0,0.469,0.01,0.95,0.057,1.44v0.028v0.056c0.224,6.018,3.065,11.619,7.383,15.756c4.34,4.14,10.1,6.702,15.942,6.725h0.08h0.079 c0.42,0.033,0.85,0.033,1.26,0.033c5.899,0.009,11.752-2.532,16.148-6.655c4.405-4.144,7.309-9.78,7.542-15.849l0.009-0.028v-0.037 c0.038-0.464,0.057-0.903,0.057-1.377c0-6.247-2.922-12.202-7.496-16.612c-4.555-4.406-10.688-7.136-16.735-7.12 c-1.951,0-3.884,0.266-5.778,0.854l-0.065,0.005l-0.056,0.023c-4.984,1.295-9.656,4.368-13.012,8.449 C330.046,74.486,328.002,79.508,328.002,84.733z M72.312,177.578c-4.63-2.156-9.418-3.696-14.15-3.676 c-0.794,0-1.597,0.047-2.39,0.133h-0.11l-0.11,0.014c-6.795,0.187-13.653,3.15-18.801,7.899 c-5.152,4.732-8.559,11.122-8.821,18.167v0.065l-0.012,0.058c-0.046,0.57-0.065,1.137-0.065,1.683 c0,4.345,1.333,8.545,3.593,12.368c1.673,2.847,3.867,5.441,6.348,7.701C45.735,204.602,58.142,189.845,72.312,177.578z M374.066,262.635c0-15.5-5.592-31.069-14.646-43.604c-18.053-25.119-46.055-41.502-75.187-50.636l-0.205-0.072 c-5.592-1.715-11.238-3.234-16.933-4.534c-17.025-3.876-34.48-5.806-51.917-5.806c-23.414,0-46.827,3.465-69.245,10.379 c-29.125,9.243-57.221,25.51-75.233,50.71v0.019c-9.129,12.587-14.475,28.208-14.475,43.763c0,5.727,0.716,11.453,2.23,17.025 l0.019,0.01c3.278,12.508,9.689,23.671,17.989,33.393c8.295,9.745,18.472,18.058,29.176,24.839c2.371,1.47,4.751,2.87,7.187,4.237 c31.094,17.356,66.898,24.964,102.445,24.964c6.012,0,12.06-0.214,18.033-0.644c35.797-2.959,71.742-13.525,100.8-35.115 l0.01-0.023c9.25-6.837,17.818-15.112,24.595-24.525c6.805-9.418,11.789-19.947,14.002-31.382V275.6l0.009-0.01 C373.627,271.32,374.066,266.985,374.066,262.635z M402.32,200.95c-0.009-3.762-0.868-7.507-2.753-11l-0.047-0.044l-0.019-0.056 c-2.521-5.19-6.479-9.11-11.248-11.782c-4.77-2.69-10.352-4.056-15.952-4.056c-5.063,0-10.1,1.132-14.57,3.379 c14.216,12.344,26.687,27.179,34.746,44.636c2.595-2.259,4.808-5.018,6.464-8.084C401.098,209.92,402.32,205.405,402.32,200.95z\"><\/path><\/g><\/svg><\/span><br \/>\n\t\t\t\t\t\t<span class=\"simplesocialtxt\">reddit <\/span><\/button>\n<\/div>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignright size-medium wp-image-52906\" src=\"https:\/\/lowendbox.com\/wp-content\/uploads\/2026\/06\/blesta-logo-300x300.png\" alt=\"Blesta\" width=\"300\" height=\"300\" srcset=\"https:\/\/lowendbox.com\/wp-content\/uploads\/2026\/06\/blesta-logo-300x300.png 300w, https:\/\/lowendbox.com\/wp-content\/uploads\/2026\/06\/blesta-logo-1024x1024.png 1024w, https:\/\/lowendbox.com\/wp-content\/uploads\/2026\/06\/blesta-logo-150x150.png 150w, https:\/\/lowendbox.com\/wp-content\/uploads\/2026\/06\/blesta-logo-768x768.png 768w, https:\/\/lowendbox.com\/wp-content\/uploads\/2026\/06\/blesta-logo-1536x1536.png 1536w, https:\/\/lowendbox.com\/wp-content\/uploads\/2026\/06\/blesta-logo.png 2000w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\">Yesterday Blesta customers received an email from support@blesta.com informing them that Blesta\u2019s servers had been hacked.\u00a0 The criminals state that they\u2019re holding customer data hostage, awaiting ransom payment from Blesta.<\/p>\n<p>Now at first you might think, well, this is just a ransom scam, the sort of \u201cfake breach\u201d emails that circulate regularly.<\/p>\n<p>However\u2026the emails appear fully authenticated, with SPF, DKIM, and DMARC, and were sent through Blesta\u2019s own infrastructure.\u00a0 Eeek.<\/p>\n<p><strong>We should caution that just because someone compromises an email system does not mean they\u2019ve compromised everything.<\/strong>\u00a0 But if what the email claims is true, this is potentially catastrophic.\u00a0 Blesta is a popular billing system, and holds customer data, API keys, automation info, and more.\u00a0 If Blesta is compromised, this breach could cascade very widely.<\/p>\n<p>No word from Blesta yet.<\/p>\n<p>Thanks to RackNerd for alerting us to the news!<\/p>\n<p>The community is talking about the potential security issue on LowEndTalk.<\/p>\n<h1>Update: Blesta Responds<\/h1>\n<blockquote>\n<p>Dear Customer,<\/p>\n<p>We are writing to inform you of a security incident affecting portions of our internal infrastructure.<\/p>\n<p>On June 25, we created a temporary support account for a third-party virtualization software vendor in connection with an active support request. We have since determined that an unauthorized party gained access using those credentials before the account password was changed that evening. The incident is currently under active investigation.<\/p>\n<p>The unauthorized individual used that access to send an email through our customer portal to a limited number of customers claiming that our systems had been compromised and threatening to publish customer data unless a ransom was paid. That email was unauthorized and was not an official communication from Blesta.<\/p>\n<p>Upon discovering the unauthorized activity, we immediately disabled the affected account, secured impacted systems, revoked unauthorized access, preserved forensic evidence, and began a comprehensive forensic investigation into the scope of the incident.<\/p>\n<p>Our investigation remains ongoing. We are reviewing system logs, server images, and other forensic evidence to determine what systems and information may have been accessed. Many people are asking if their Blesta installations are safe. At this time, we have found no evidence that the incident involved a vulnerability in the Blesta software itself.<\/p>\n<p>We understand that this incident is concerning, and we sincerely apologize for the uncertainty it has caused. We are committed to keeping our customers informed throughout the investigation and will provide additional updates as verified information becomes available. If we determine that any customer-specific action is necessary, we will contact affected customers directly.<\/p>\n<p>If you have any questions, please contact our support team.<\/p>\n<p>Thank you,<\/p>\n<p>The Blesta Team<\/p>\n<\/blockquote>\n<p>\u00a0<\/p>\n<p>The post Blesta Hacked \u2013 Ransom Gang Threatens to Leak Customer Details Tomorrow appeared first on LowEndBox.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Share Post Share reddit Yesterday Blesta customers received an email from support@blesta.com informing them that Blesta\u2019s servers had been hacked.\u00a0 The criminals state that they\u2019re holding customer data hostage, awaiting ransom payment from Blesta. Now at first you might think, well, this is just a ransom scam, the sort of \u201cfake breach\u201d emails that circulate [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[531,461],"tags":[],"class_list":["post-49159","post","type-post","status-publish","format-standard","hentry","category-blesta","category-editorial-news"],"_links":{"self":[{"href":"https:\/\/speedinet.co.za\/index.php?rest_route=\/wp\/v2\/posts\/49159","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/speedinet.co.za\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/speedinet.co.za\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/speedinet.co.za\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/speedinet.co.za\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=49159"}],"version-history":[{"count":0,"href":"https:\/\/speedinet.co.za\/index.php?rest_route=\/wp\/v2\/posts\/49159\/revisions"}],"wp:attachment":[{"href":"https:\/\/speedinet.co.za\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=49159"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/speedinet.co.za\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=49159"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/speedinet.co.za\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=49159"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}