site hacked

  • Resolved offpeakdesign

    (@offpeakdesign)


    4 years, 6 months ago

    Found some malicious files on the site. Some of the give plugin files were affected. We had Stripe option applied, any chance financial data can be compromised or is that information only processed by stripe directly?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support Matheus Martins

    (@matheusfd)

    Hey @offpeakdesign,

    Glad you reached out!

    When a site is hacked, you may need to find out what exactly was compromised in the invasion, like if the hackers were able to access your database or access your user’s data, for example.

    When using GiveWP you have some sensitive data that is stored on your site, like Donor’s name, email, billing address, and the donation meta, that allows you to see the payment key, the donor’s IP, and the transaction ID. I say this data is sensitive because a hacker could use this info to do some social engineering, using their data to access their account on your site or on a third-party service.

    Regarding the payment, all that information is processed on the payment gateway, in your case, I think it’s Stripe, correct? All the card details are sent directly to Stripe, who processes it and then get back to your site with the information. No credit cards are saved on your site.

    Hope it clarifies!

    Please let us know if you have further questions on this or need any additional assistance!

    Thread Starter offpeakdesign

    (@offpeakdesign)

    Thanks for clarifying. Any suggestions to protect their accounts? Also, I’m not the web person that set up the account and I notice there are many “abandoned” or “pending” statuses.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘site hacked’ is closed to new replies.