Private Sector /

United Kingdom

Emergency Website Recovery with peace of mind

An award-winning company website gets maliciously attacked by hackers. Find out how Tecology takes control of the situation and recovers the website and data with minimal downtime for the business.

The Challenge

We received a phone call from a company in Scotland that had just received an email from one of their customers advising that it looked like their website had been hacked. The customer advised that, upon viewing the website, their web browser showed an insecure connection and the site redirected them to another website, in a foreign language, that asked them to enter their personal information.

Naturally, the company was alarmed to hear this from one of their customers, and upon inspection of their website they realised that it had indeed been hacked, that they no longer had access to it, and that they had no way to fix the issue directly. Upon calling their hosting provider, they were advised to hire an IT security website recovery service or data expert to address the issue, as this sat ‘out of scope’ of the hosting provider’s services and was not their responsibility.

Needless to say, this left the company in a very difficult situation. Not only were they worried about customers accessing the website but they were also concerned about the data held on the website, which included personally identifiable information about their active clients.

Our Solution

At Tecology we understand the architecture behind WordPress in immense detail and we were glad to receive the phone call and put the client’s mind at rest. We first took the website offline and added a temporary holding screen stating that the website was down for maintenance, with contact details should anyone wish to email or call the client company. We then set about the following tasks to resolve the issue:

  • Take an offline backup copy of the website for examination
  • Assess the WordPress file repository for anomalies i.e. files or code that should not be there
  • Sanitise all malicious code within the repository
  • Check all database tables for irregularities / unusual data
  • Rebuild the database and optimise where required by removing unnecessary or redundant entries
  • Scan all files across the repository for anything else that might allow the hack to recur
  • Update WordPress core to the latest version
  • Remove any WordPress plugins that had known security risks or were simply not required
  • Apply website hardening with quality security plugins with optimised settings
  • Run a local check across all of the website pages and functionality
  • Redeploy back to the client webserver
  • Complete a full report for the client in relation to any potential data leakage along with recommendations
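The file-repository assessment step above can be partly automated. The following is an added example, not Tecology's own tooling: it compares an offline backup against a clean copy of WordPress core and reports modified core files, files that core does not ship, and PHP files in the uploads directory. It assumes the clean tree is the same WordPress version as the backup; the function names and the sample trees are hypothetical and constructed for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path

CORE_DIRS = ("wp-admin", "wp-includes")   # directories WordPress core fully owns
PHP_SUFFIXES = {".php", ".phtml", ".phar"}

def sha256(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

def manifest(root):
    """Map relative POSIX path -> SHA-256 for every file under root."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256(p)
            for p in root.rglob("*") if p.is_file()}

def audit_backup(backup_root, clean_core_root):
    """Compare an offline backup with a clean core tree of the same version."""
    backup, clean = manifest(backup_root), manifest(clean_core_root)
    findings = {"modified_core": [], "unexpected_in_core": [], "php_in_uploads": []}
    for rel, digest in sorted(backup.items()):
        if rel in clean:
            if clean[rel] != digest:
                findings["modified_core"].append(rel)
        elif rel.startswith(tuple(d + "/" for d in CORE_DIRS)):
            findings["unexpected_in_core"].append(rel)
        elif rel.startswith("wp-content/uploads/") and Path(rel).suffix.lower() in PHP_SUFFIXES:
            findings["php_in_uploads"].append(rel)
    return findings

def build_constructed_sample(base):
    """Write two tiny constructed trees (not real WordPress files) for the demo."""
    base = Path(base)
    clean = {"wp-includes/version.php": "<?php // core\n",
             "wp-admin/index.php": "<?php // admin\n"}
    backup = dict(clean)
    backup["wp-admin/index.php"] = "<?php // admin, altered\n"
    backup["wp-includes/cache-x.php"] = "<?php // not shipped with core\n"
    backup["wp-content/uploads/2020/01/logo.php"] = "<?php // script in media dir\n"
    backup["wp-content/uploads/2020/01/logo.png"] = "constructed image bytes"
    for name, tree in (("clean", clean), ("backup", backup)):
        for rel, text in tree.items():
            target = base / name / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(text)
    return base / "backup", base / "clean"

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for kind, paths in audit_backup(*build_constructed_sample(tmp)).items():
            print(kind, paths)
```

Plugin and theme directories are not covered by the core comparison; each would need its own clean reference copy, and every finding still needs manual review before a file is removed.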

 

This was a complex hack, but we could clearly see that it had originated from a free WordPress plugin that contained flawed code, which had provided the access point for the hackers. In this case, the website designer had abandoned the website and was no longer supporting the client with updates and maintenance, which led to the website becoming vulnerable over time. The website had also been developed with low-quality WordPress plugins, which are known within the expert WordPress community to be security issues.

If you are ever in this situation please feel free to contact us for a free consultation call and we will work with you to recover your website quickly, efficiently and at minimal cost and downtime to your organisation.

To ensure this never happens to you, we would highly recommend one of our tailored website maintenance plans, and we will manage everything related to your website speed and security on your behalf.

What was included

Full database and website backup
Full data audit of infected files
Data Sanitisation of infected files
Upgraded the core PHP MySQL database
Upgraded Core WordPress Directory
Data Security Hardening to stop future attacks
Deprecated 13 outdated plugins that were not required and created vulnerabilities
Full audit on potential PII data leakage of client details with report