WooThemes Data Breach
From now I guess most of the WooThemes’s customer has receive the important update. If you have changed the credit card recently due to the Heartbleed bug recently , you might be save, if not time to check your credit card bill now started from 2nd or 3rd May.
I still remember on 5th May morning, I woke up in the early morning and saw lots of of SMS from my Bank which mention about lots of transaction happen when I sleeping, yes my first hit by credit card fraud after using credit card for online payment for so long. My bank actually blocked the card after 15 transaction which i think is a bit inefficient, the recover process is troublesome which include fill in some paper form for all the transactions that you didn’t make and even the merchant credit back there are still some different due to the currency issue which again you need to call in to waive it.
I been thinking since the incident , which part of my payment goes wrong ? the credit card has been use for a multiple web services company , is it one of these company has been breached ? Shall I inform them ? is it due to the Heartbleed bug ? after one week later I saw the WooTheme’s post and realise that must be the root cause , my last purchase on WooThemes is all the way back to Dec 2013, which is why I didn’t suspect in the first place.
I think WooThemes handle this data breach pretty well.
- They been transparent with the follow-up update on their blog.
- They change the payment gateway to Paypal almost immediately.
- They email the customer with all the update.
- They compensate customer with some discount promo.
Just like what Chris Lema posted everyone will have issue , with the data breach so often happen around the web , there is hardly any store that are 100% secure, again the recent Heartbleed bug is a very good example, what more important is how they handle after things like this happen.
For me I will still continue support WooThemes since I have a few client which running on the WooCommerce and so far I been using their product happily, but I will more cautions on how I using my credit card for online payment. What I can think of is only use 1 credit card for all the online payment, tie another credit card with my Paypal account, so that it won’t affected each other, always check my mobile phone SMS and