10/10/2018 Sandor Gera

Incident cased by a vulnerable plugin

Yesterday at 4.42pm (9-10-2018) we get some websites using an old Database plugin has been defaced. The incident happened only on one server and involved 12 websites only. No other websites or servers were attacked. As the attack was targeting a specific part which was used only on these 12 servers, other websites and servers are still safe and secured.

We identified the cause and removed the vulnerable parts immediately and started the restore process on these websites. All of the websites were back by 10.31pm.

During this incident there was no personal data or passwords stolen. The vulnerable parts won’t cause any problems.

We apologise for any inconvenience caused by this event however our alerting system and restoration process worked really well for us.

If anybody has a comment or a question we will answer them immediately and we will also update this post if there is any more information should be shared.

Thank you,

Sandor Gera