After about 300 cases of payment card fraud were reported within a few days, WooThemes, a provider of WordPress themes, began notifying users that three modified files were discovered on its server and that payment card data may have been intercepted during the checkout process.
How many victims? About 300 cases of payment card fraud have been reported. An email alert was sent to all 230,000 newsletter subscribers.
What type of personal information? Payment card data.
What happened? After about 300 cases of payment card fraud were reported, WooThemes began notifying users that three modified files were discovered on its server and that payment card data may have been intercepted in the checkout process.
What was the response? WooThemes brought on Sucuri to conduct a code and security audit, updated its SSL certificate, requested a full review by its host and payment gateway, and changed its payment gateway to an offsite payment method – PayPal Express. All 230,000 newsletter subscribers were notified and a message was posted on the website. An investigation is ongoing.
Details: Reports of fraud began coming in over the past three days. Fraudulent transactions occurred within the past five days. The actual transactions on WooThemes took place in the beginning of the year. Sucuri discovered three modified files on the WooThemes server that could point towards an attack, but it cannot be said it is the reason for the breach.
Quote: “Without jumping to conclusions, and as already mentioned we do not store credit card details, so we believe this information was potentially intercepted in the checkout process,” according to the notification on the WooThemes website.
Source: woothemes.com, “Important information for all WooThemes Customers,” May 9, 2014.