Here's a tale of 3 hacks and 3 WordPress Websites
Guess what the websites for a local coffee shop, a digital communications company, and a national training company have in common? They all thought that hackers would have little interest in their websites.
What could hackers want with them?
- They didn't have any e-commerce on their website.
- They didn't store customer names.
- They had very little secure data other than administrative passwords.
What they actually had in common was websites built with WordPress and lots of third-party plugins.
Join the panel discussion about WordPress security solutions
What could a hacker do with a simple website like these? On one website hackers hid a link to a triple X website in the code, with another they completely shut down the website, and on a third, they corrupted the code requiring expensive rebuilds.
The question that this kind of activity begs, is "why?" But that is really the wrong question because this kind of hacking, along with lots of other examples is a daily occurrence for thousands of WordPress website owners.
Once a hacker has control of a website a number of potential activities can begin. Hackers can insert code into downloads or other communications with website visitors and customers. They can send out phishing emails that lead back to pages they control, siphoning off personal information under the guise of your brand. They can use the server resources to launch other types of attacks. None of these activities are simply malicious - they are high risk for any organizational leader.
The aftermath of hacked websites
All three website owners were left shaking their heads and pulling out their checkbooks. What if they had been storing customer names, or if they were put in the position of having to contact all of those customers? The cost of this kind of hack is not just money, it's reputational risk.
WordPress is breaking records for the sheer number of websites built, and the number of websites hacked. If you have a WordPress website, security can't be ignored.