Hacked site DirectAdmin and client database

Yesterday, thousands of DirectAdmin clients received a letter of the following content [free translation]:

From: DirectAdmin <da-mailer@directadmin.com>
Topic: DirectAdmin Client Message
')
Dear% username%

Please note that a vulnerability exists in the current version of DirectAdmin.
In order to learn how to protect your server, until we have solved the issue with the patch,
please visit hxxp: //www.austinfosec.com.au/update.php [link phishing, there is a trojan]

Respectfully,
DirectAdmin.com

The attackers, at least, got access to the full name, mailboxes and license numbers.
There is a risk that they also have access to the client panels themselves.
The administration of DirectAdmin recognizes the fact that the distribution was made from their server, but claims that the client panel is completely safe.

Discussion on the official forum DirectAdmin .