Η WooThemes, is one of the most popular WordPress theme developers, but it seems to have fallen victim to a leak data of its customers. The company already knows about 300 cases of malicious activity on its customers' credit cards, from complaints by them.
The company announced that it is experiencing problems with the portal payments της στις 7 Μαΐου. Τότε ενημέρωσε άμεσα τους πελάτες της και ανακοίνωσε ότι σταματούν οι πωλήσεις μέχρι να καθοριστεί το security gap.
According to a publication on her blog, today's date is under investigation. Wohemhemes is still trying to find out the gap that allowed illegal activities.
"Almost all malicious transactions took place in the last 5 days. "Most of our customers have been notified, as have their banks, so transactions have stopped or cards have been canceled," said Mark Forrester, co-founder of WooThemes.
Η εταιρεία ζήτησε στην επιχείρηση ασφαλείας Sucuri τη διενέργεια ελέγχου ασφαλείας. Μέχρι στιγμής, η Sucuri εντόπισε τρία τροποποιημένα archives on the WooThemes server showing that it has been attacked.
The company highlights the fact that it does not store credit card details in its systems, so attackers could not trade from these items. A possible scenario, according to Forrester, is that the information has been hijacked during the completion of the order.
All 230.000 subscribers of the company newsletter have been informed of the leak. In addition, WoemThemes requested a full review of the payment gateway from the company that had taken over it and updated its SSL certificates.