TH Data Breach Notifications for WHMCS


Online security is serious business. Every year millions of people have their personal information leaked online. Sometimes breaches occur because of poor security measures in place on the websites people register on, and other times breaches occur because hackers target a specific company.

Even the largest companies and websites, where we expect our data is safe, are not safe from data breaches. MySpace, LinkedIn, Adobe, Dropbox, Tumblr, Sony, Snapchat, Yahoo, and hundreds of other websites have all been breached. Even website like Domino's Pizza and Acne.org, unlikely hacking targets, have had data breaches occur. The fact is that data breaches are something we all need to be concerned about, and many people have already had their data breached and leaked online without their knowledge.

One of the biggest concerns with data breaches is that many people reuse the same password for many different online services. Some estimates put the number of users that reuse passwords at 50%-55%.

As hosting and online service providers we all play an important role in protecting the security of our customers by keeping their data safe, and preventing unauthorized access to the data on our servers.

However since over 50% of people reuse the same password there's a very good chance that some of your customers are using passwords with you that have already been leaked online as part of a data breach from another website. No matter how much security you put in place, if an attacker has the user's password, there's nothing you can do to stop them from accessing the user's account on your servers without authorization.

Our TH Data Breach Notifications for WHMCS module adds an additional layer of protection for your users by comparing their e-mail address with over 3 billion breached accounts. If your customer's e-mail address was found in a breach the customer is notified through your Client Area and/or an e-mail notification about the breach, including information about the type of data that was included in the breach. So your customers will know what website the information was breached from (Adobe, LinkedIn, etc), as well as what kinds of information were included in the breach (e-mail addresses, passwords, phone numbers, etc). By notifying your customers of data breaches you give them the opportunity to change their passwords on your website, and others, if they reuse the same password for multiple sites. This can help keep their account, and data on your sever, secure.

TH Data Breach Notifications for WHMCS also contains personalized recommendations for your customers if they have been found in an online data breach. The module looks at the type of information contained in the breaches, like e-mail addresses, phone numbers, passwords, etc, and provides some advice and tips on how the user can best protect themselves, and if there are any actions they should take.

Since most people do not know when their data has been breached online providing this information to them in a meaningful way, like through our TH Data Breach Notifications for WHMCS module, could help improve your customer relationships. We use this module on our own site, for our own customers, and our experience so far has been that customers appreciate being informed when their data has been leaked online. Most of them had no idea their data was included in a breach.

The module also re-checks each account on a regular basis, so it can detect and notify your customers of any new breaches they are found in as well. Let's work together to make the internet a safer place, and keep our customers informed about their online safety.

Search Over 3 BILLION Breached Accounts

This module searches breaches from over 200 websites and more than 3,853,560,010 breached accounts. The matching is all done via an API using your customer's e-mail address. This module will simply supply the e-mail address of each of your customers to the API over a secure connection, and if the e-mail address has been found in any data breaches the API will return the breach information for the customer to view and take corrective action.

Client Area Notifications

When Client Area Notifications have been enabled customers will be notified of new breaches when they log in to your Client Area. Notifications are shown on the Client Area homepage, as well as in the "Notifications" area. Both contain a link to the full breach report.

E-mail Notifications

Customers can be notified of new breaches by e-mail when the E-mail Notification option is enabled. The e-mail report uses your standard e-mail header and footer, and can be customized through the E-mail Templates page in WHMCS. E-mail reports sent through this module are also logged under the "Emails" tab of the user's profile, as well as in the E-mail message Log, like all e-mails sent via WHMCS.

E-mail reports alert the customer that they have been found in a breach, and provide a summary of the breach. A link is provided in the e-mail that takes the customer to the full breach report in your Client Area.

Personalized Recommendations

This module provides personalized recommendations to each customer. Based on the breaches that a customer has been found in, and the types of data contained in those breaches, the recommendations page will contain some tips and information about actions the customer can take to protect themselves.

Easily Translatable

All of the customer-facing text can be configured to suit your needs. The Client Area pages can be configured by modifying the template file included with this module, and the text shown in the e-mail notifications can be configured through the WHMCS "Email Templates" page.


Client Area Notifications
Breach Reports
Customized Recommendations
E-mail Notifications
Partial List of Site Breaches
Admin Settings

Standard Version - $30 CAD

Annual License for 1 WHMCS site
  + 12 months support and updates.

Order Now


Version: 1.0.0
WHMCS V7 Compatible
WHMCS V6 Compatible
PHP 7 Compatible
PHP 5.6 Compatible

License Information

Purchase of this module includes an annual license, and one year of updates and support. Continued access to updates and support after this period will require the renewal of your license. A renewal order will be issued two weeks prior to your license expiring, and you can cancel your subscription at any time through the Client Area.

A Standard License allows you to install the module on one (1) WHMCS website. Installation on additional sites will require the purchase of additional licenses.

Install Instructions

  1. Download and unzip the module download from our site.
  2. Upload the module into your /modules/addons/ folder.
  3. Visit your admin area and navigate to Setup / Addon Modules.
  4. Click the module Activate button.
  5. Click Configure to display the module options.
  6. Enter your license key, and check the appropriate access rights.
  7. Click the Save button.

Frequently Asked Questions

Where does the breach data come from? This module can only return data about breaches that are publicly available. Breach data is provided by Have I Been Pwned? / CC BY

How many sites can I install the module on? The standard module license is valid for 1 WHMCS install only. Additional sites will require an additional license.

How can I suggest a new feature or improvement for this module? To suggest an improvement to this module, please Contact Us.


We Are Proud to Have Happy Customers in the Following Countries


Talon Energy Services
"We switched to TiVaHost because we were trying to improve the speed of our website, and since switching the support and the speed has dramatically improved. The control panel interface was a huge improvement over our previous host, and easy to use. I would highly recommend TiVaHost to anyone needing any type of product or service related to web hosting. If there were any issues, TiVaHost was always there to help resolve them promptly and professionally."
Kevin King, I.T./Security Administrator, Talon Energy Services (St. John's, Canada)
To view more testimonials, please visit our Customer Testimonial page.

Our Promise To You

At TiVaHost, if you're not happy, we're not happy.
Your website will be available at least 99.9% of the time.
If you are not fully satisfied, we'll refund your money.*
Friendly tech support staff are available 24 hours a day.