Templatic Hacked, Files and Databases Compromised

Templatic, a WordPress commercial theme company, reported on Saturday, April 30th, that its site was hacked. Files and databases containing customer usernames and passwords were compromised. According to R. Bhavesh, founder of Templatic, the data is being held for ransom money.

The hacker is now threatening us via email and demanding ransom money be paid. This hacker is also threatening to misuse the data they’ve illegally gained access to and email our data to customers.

While this is a very serious and dangerous threat, we are not going to give in to threats and we will not be negotiating with any hacker and that’s no matter how much they try.

Bhavesh is working with local authorities and security experts who are investigating the matter. Since transactions on Templatic are handled directly by PayPal or 2Checkout, hackers were not able to obtain credit card information.

Customers Should Immediately Change Their Passwords

If you’ve ever shared cPanel, FTP, or wp-admin, login credentials with Templatic, you should immediately change your passwords. If you are using a product that relies on the Tevolution plugin and haven’t updated yet, you should do so immediately.

Customers are advised to ignore emails sent from Templatic, “The email we sent today is the last email we will send regarding this matter. Anything further, we will share it on our social mediate accounts at twitter, facebook and our official blog here,” Bhavesh said.

Customers are also advised to create a full backup of their sites and use a free site scanning tool to scan for unknown files. Bhavesh apologized for what happened and says he accepts full responsibility, “I take up the responsibility of this and I sincerely apologize to each single one of our customers. We assure you that we are taking best security measures and fight this, no matter what.”


24 responses to “Templatic Hacked, Files and Databases Compromised”

  1. This reminds me of all the times companies have asked me to share FTP/SSH credentials via their support systems and wondered why I refused to hand them over. If details like that are going to be shared, they need to be deleted immediately so that these sorts of problems can not occur.

    • You are right Ryan,

      Customers however have different level of technical knowledge. Sometime, they don’t even know what a theme or plugin is. We ask for FTP in order to speed up the issues they are facing instead of making them go through the technicalities (which frustrates them very quickly).

      Downside is that things like this can happen. At the moment we are using Groove.com SaaS helpdesk so no issues there. But our old helpdesk did have some tickets there.

        • I have used LastPass for many years and on my mobile phone too.

          A very smart server admin introduced me to it and suggested I use it to share my login credentials with his company.

          LastPass has the ability to share login credentials without letting the password be seen by the person you’re sharing it with, you can see in their logs if the credentials have ever been used, and the share can easily be revoked.

          Works for me and I bet it would work for most people here too.

  2. The link to the “free site scanning tool” mentioned in the post sends you to Sucuri who scans you site and never ever finds a firewall, even if you have one. Point being is that Sucuri wants to sell it’s services, so I am suspicious about the results. I guess the author should’ve suggested a truly free service not out to sell stuff.


Subscribe Via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.