WooThemes users notified of payment card breach, 300 reports of fraud

Share this article:

After about 300 cases of payment card fraud were reported within a few days, WooThemes, a provider of WordPress themes, began notifying users that three modified files were discovered on its server and that payment card data may have been intercepted during the checkout process.

How many victims? About 300 cases of payment card fraud have been reported. An email alert was sent to all 230,000 newsletter subscribers.

What type of personal information? Payment card data.

What happened? After about 300 cases of payment card fraud were reported, WooThemes began notifying users that three modified files were discovered on its server and that payment card data may have been intercepted in the checkout process.

What was the response? WooThemes brought on Sucuri to conduct a code and security audit, updated its SSL certificate, requested a full review by its host and payment gateway, and changed its payment gateway to an offsite payment method – PayPal Express. All 230,000 newsletter subscribers were notified and a message was posted on the website. An investigation is ongoing.

Details: Reports of fraud began coming in over the past three days. Fraudulent transactions occurred within the past five days. The actual transactions on WooThemes took place in the beginning of the year. Sucuri discovered three modified files on the WooThemes server that could point towards an attack, but it cannot be said it is the reason for the breach.

Quote: “Without jumping to conclusions, and as already mentioned we do not store credit card details, so we believe this information was potentially intercepted in the checkout process,” according to the notification on the WooThemes website.

Source: woothemes.com, “Important information for all WooThemes Customers,” May 9, 2014.

Share this article:

Sign up to our newsletters

POLL

More in The Data Breach Blog

Seattle University donor checks possibly exposed due to settings error

Seattle University is notifying an undisclosed number of donors that anyone with a Seattle University computer account could have viewed scanned checks.

Laptop stolen from Self Regional Healthcare contained patient data

As least 500 patients of Self Regional Healthcare have been notified that their personal information was on a laptop stolen from a Self Regional facility.

Thousands had data on computers stolen from California medical office

Bay Area Pain Medical Associates notified about 2,780 patients that their data was on computers stolen from its California offices.