We have been aware of this breach since 27th of October and our team started to troubleshoot and resolve this issue the same day, immediately after becoming aware of its existense.
In an effort to protect our free users we have temporarily blocked access to systems affected by this security flaw. We have re-enabled access to the affected systems after an investigation and once all security issues had been resolved. Affected systems included our website and our members area. Additionally we have temporarily blocked FTP access as FTP passwords have been dumped as well.
We reset all users passwords in our systems and increased the level of encryption to prevent such issues in the future.
UPDATE #1: NOVEMBER 1, 2015 - We have restored basic access to the members area.
UPDATE #2: NOVEMBER 2, 2015 - We have enabled client support via Facebook page, added many features back to the control panel.
UPDATE #3: NOVEMBER 3, 2015 - We have enabled most of the control panel features. Also, moved forum to secure server and re-enabled it until update to the latest version is ready.
UPDATE #4: NOVEMBER 5, 2015 - We have re-added even more features to the members area, re-enabled website builder, made members area fully mobile friendly!
UPDATE #5: NOVEMBER 12, 2015 - We have re-enabled new client signups back to 000webhost system. Added almost all of the features back.
UPDATE #6: NOVEMBER 17, 2015 - We have re-enabled support system from the members area, clients can now submit tickets directly to us via Helpdesk: https://www.000webhost.com/cpanel-login