Η WooThemes, is one of the most popular WordPress theme developers, but it seems to have fallen victim to a data leak of its customers. The company already knows about 300 cases of malicious credit activity cards of its customers, from their complaints.
The company announced that it faces problems with its payment gateway at 7 May. He then immediately informed his customers and announced that sales stopped until the security gap was determined.
According to a publication on her blog, today's date is under investigation. Wohemhemes is still trying to find out the gap that allowed illegal activities.
“Almost all the malicious transactions happened in the last 5 days. Most of our customers have been notified and so have their banks and so transactions have stopped or cards have been cancelled,” said Mark Forrester, the cofounder by WooThemes.
The company asked to business ασφαλείας Sucuri τη διενέργεια ελέγχου ασφαλείας. Μέχρι στιγμής, η Sucuri εντόπισε τρία τροποποιημένα αρχεία στον server της WoοThemes που δείχνουν ότι έχει δεχτεί attack.
The company emphasizes the fact that it does not store credit card information in its systems, so attackers would not be able to make transactions from that information. One possible scenario, according to Forrester, is that the information intercepted during checkout.
All 230.000 subscribers of the company newsletter have been informed of the leak. In addition, WoemThemes requested a full review of the payment gateway from the company that had taken over it and updated its SSL certificates.