Missing Databases

By Sledge

Not sure if it's Elgg that has the vulnerability or if it's just that my hosting account was hacked, but I recently lost two complete sites that were running Elgg. I'm skeptical that my account was targetted because I run several websites but only the two Elgg sites were hit.

When I logged on recently, I found both sites with the error message "Elgg couldn't select the database 'eastcoa1_uber'". I opened my cPanel to see if something was somehow changed in the settings file but to my horror I discovered that the databases for each site had been deleted. DELETED! No other site was touched.

Is it possible that there is a vulnerability in the Elgg software that would allow a user to change or delete a database? I can think of no other possibility. All my other databases were present.