Last Friday, Mark Forrester released an important announcement indicating that WooThemes was investigating a series of fraudulent activities on their customers’ credit cards. Since then, WooThemes has been working to address the issue, and to determine the exact cause of the breach.
Yesterday, in a follow-up announcement, Magnus Jepson shared some information about the incident:
- Fraudulent charges are believed to have begun around May 1.
- The hackers may have obtained the credit card details somewhere between checkout and their off-site credit card processor.
- Customers affected by the breach are suspected to be those who made purchases between November 27, 2013 and May 8, 2014.
Jepson and Forrester both highlighted some of the steps that WooThemes has taken to address the breach:
- Their payment gateway was taken offline on May 8.
- 230,000 customers were emailed on May 9.
- They contacted Sucuri to perform a code and security audit.
- Their SSL certificate has been updated.
- All passwords have been reset.
- A full security audit of their servers was performed by WP Engine.
- Duo Security was installed for all admin accounts.
- Part of their website was moved off-site.
- They’ve moved their payment off-site, using PayPal Express.
The most recent update indicated that the exact cause of the breach is still unknown, but further analysis is underway.
If you were affected by the breach, it’s very likely that you’ve already been contacted. For more updates, continue to check the official WooThemes blog.
Marie Dodson is an editorial assistant at Torque. She graduated from Cornell University with a degree in Biology and Society. She enjoys wine, good books, and travel.
4 Comments