Up to 13 million accounts may be impacted as documented below and users should quickly revise their ID/passwords as advised:

https://threatpost.com/web-hosting-service-000webhost-hacked-information-of-13-million-leaked/115200/

Information on nearly 14 million users of 000webhost, a Lithuanian web hosting service, was spilled earlier this year when a hacker exploited an old version of the company’s website and gained access to the backend.   13.5 million customer usernames, plaintext passwords, email addresses, IP addresses, and names were exposed as part of the breach, according to a Facebook post from the company Thursday morning.

000webhost first disclosed the breach Wednesday morning in a preceding Facebook post but was hazy with details, claiming that at some point a hacker leveraged an exploit on an old PHP version of the company’s site and uploaded some files.

“Although the whole database has been compromised, we are mostly concerned about the leaked client information,” the company wrote, adding that since it discovered the issue, its reset user passwords, and is cautioning any users who used the same password on another service to change it.