WooThemes is continuing to investigate a handful of reports of fraudulent activity on customers’ credit card accounts. The company worked with Sucuri who conducted a code audit and discovered three modified files on their server pointing toward an attack. WooThemes has published a blog post explaining the steps they’ve taken to prevent this incident from occurring in the future.
Mark Forrester made it clear in the announcement that the company doesn’t store any credit card details on the site, nor does WooCommerce, which increases the difficulty in identifying the problem. Although many of the reports are from customers who have made a purchase within the last 8 days, cards that were used in January have also been reported as compromised.
Some customers are experiencing upwards of $10,000 in fraudulent activity. In a recent thread on Reddit, some questioned whether WooThemes is trying to sweep this attack under the rug. Forrester said they understand the community’s frustration and are frustrated as a company as this was a criminal attack on their business. He also went on to say:
We really hope the general opinion is not that we are quietly avoiding this, and hoping it will blow over. We’ve been as forthcoming with information as we can be at this stage. We’ve answered as many press questions as we can, and we’ve updated our blog post with any new information as we get it.
There are many parts to this puzzle, many service providers, and many investigations internally and with authorities and financial institutions. Pointing fingers without supporting evidence is dangerous. We accept the fact that if you hadn’t shopped at WooThemes this would have probably not happened to you, and that makes us really sad. Our brand is known for excellent customer service, and this does not gel with that mantra.
We hope to bounce back stronger, but we realize we might lose some customer’s confidence along the way.
As a precautionary measure, WooThemes has reset their customer’s passwords. So far, 1,000 cases of fraudulent activity have been reported with reports drastically slowing down since May 9th.
This Is Not The First Time WooThemes Has Had Security Troubles
Two years ago almost to the day, WooThemes suffered a major attack that took out their database as well as the content on their server. The backups were deleted as were traces of the attack. The details regarding the attack were never published although the company said they would be, “Long story short, as we’ll save the juicy details for another blog post”.
Although WooThemes has done a good job keeping everyone informed about this latest security problem via their blog, they’ll need to explain to the public what happened in order to help customers regain confidence in doing business with them.
What Should You Do?
Customers should keep an eye on their credit card statements and report fraudulent activity to their financial institution. You should also contact WooThemes so they can add the report to their investigation.