In case you have not heard, WooThemes released a security patch recently for the framework which drives all their themes. WooThemes provides premium (i.e., paid) themes with some great functionality. They offer some great support and have a bunch of themes that look great!
I have a subscription to their themes and use them on client’s websites. I received notification as soon as it was discovered and an update was provided. The upgrade was painless and the support was FANTASTIC.
To make things worse, a their servers had someone snooping inside and doing some nasty things.
Yup – what I am saying is that WooThemes was hacked and their whole server was basically deleted! The hackers were really good – after they deleted the files on the server, then went and deleted the backups of their files. Finally, the hackers deleted any trace of how they got into the server – sounds like a plot of a movie!
The good news is that no credit card information was compromised since that information was NOT on the server that was attacked.
What can be learned from this:
- EVERYONE is vulnerable to being attacked. You, Me, and even the Big Guys!
- EVERYONE needs to take security seriously – it doesn’t matter how ‘small’ you think you are!
- UPDATE, UPDATE, UPDATE – when an update is made available, make sure you update your theme, your plugin, your whatever!
- As a professional, I dropped what I was doing to tend to the needs of my clients as I felt I had a responsibility to protect them.
- Customer Service is key – address the issue and do what you can in time of crisis. The folks at WooThemes got clobbered by angry folks (they had a right to be angry). I felt they did a great job and even sent them a personal email thanking them for their support.
If you have a presence online, the possibility is always there that you might be hacked. Protect yourself and do what you can to be safe!
Leave a Reply