On April 28, eUKhost posted an alert on their web site:
In the past 24 hours we have been made aware that there has been a compromise of our billing system. Although the method of the compromise remains unclear, we can confirm that an administrator level login was compromised and an IP address added to an allow list to allow a successful login. We are still investigating how this compromise occurred and we can’t currently see any evidence of a database dump. However, with our billing system compromised on any level, passwords stored within and not changed since signup can potentially be compromised.
[…]
Brid-Aine Parnell has more about the breach on The Register:
eUKHost managing director John Strong told The Register that the hackers had not bothered to cover their tracks by deleting logs and the company had identified them as Pakistani group UrduHack.
The hackers gained entry via some “outdated software that wasn’t shut down properly on the website”, he added.
Read more on The Register.