From the official forum post
Thanks for your patience everyone. We are still investigating but don’t want to leave you in the dark. Here’s what we know so far:
- Our server was compromised (not at the root level but serious enough nonetheless) and is being used to send those malicious e-mails to customers. We have disabled our mail server to interrupt this process.
- Some customer information has been compromised: Name, e-mail address, mailing address, license ID#’s.
- Billing information (e.g. Credit Card numbers, PayPal accounts, etc.) is absolutely safe. We use a restricted merchant gateway that doesn’t allow us, even as owners, to view your full credit card information.
- Finally, don’t click that link. It’s a malicious program but it can be cleaned with Trend Micro Housecall, MalwareByte’s Anti-Malware, etc.
Will keep you updated..
Some of the customers started getting scam-ish email like this. I dont use DirectAdmin (aka DA), but still many DO use it since its a cheap control panel starting from FREE with quarterly or yearly packages to $5/month, its cheaper then my CPanel licenses 😀