Sunday, May 1, 2016

WordPress theme seller, Templatic hacked, victim of ransom demands

WordPress theme seller says it did not store credit cards on its servers, but says files and databases have been compromised and recommends users update a plug-in, change any commonly used passwords, scan you website for intrusions

The WordPress theme company Templatic has written to customers to say their website has been hacked. Furthermore, it appears that who ever did the hacking has gained access to files and the database, and is now demanding money from the website's owner.

"The hacker is now threatening us via email and demanding ransom money be paid. This hacker is also threatening to misuse the data they've illegally gained access to and email our data to customers," founder R. Bhavesh said in an email to customers.

"While this is a very serious and dangerous threat, we are not going to give in to threats and we will not be negotiating with any hacker and that's no matter how much they try. A security expert has been assigned to this case and investigations are now being conducted. We are also taking legal action against all the illegal activities the hacker has been involved in."

According to Templatic, the company does not store credit card information on its site as all transactions are through PayPal or 2Checkout, but they do, of course, store passwords.

The company, based in Surat, India, said it would not send another email to customers so that they do not get spoofed should emails start coming though. The company has also taken down its website and is working with a company to clean and protect its website.

Here is what the company recommends its customers do:

What you must do immediately
  • If you ever shared your site login information with us such as for your cPanel, FTP or wp-admin, you should immediately change the logins.
  • If you are using any of our products that use the "Tevolution" plugin and you haven't yet updated the plugin, please follow the instructions in this post (https://templatic.com/news/security-vulnerability-found-themes/) and update the plugin immediately.
  • Make sure no unknown files are present on your site. We strongly advise you to scan your site now by using security sites such as sucuri.net
  • In case you are using the same email ID and password for your email account and your account at templatic, you must also change the logins for your email immediately.

    • Source: WordPress theme seller, Templatic hacked, victim of ransom demands

    Posted by at

    No comments:

    Post a Comment

    Subscribe to: Post Comments (Atom)