bigusersmol

Hi,

To me this does not sound like a typical hacker attempt.

I’m also not familiar with the stripe payment gateway.

What i do understand in your story is that a bank accout got changed either in your Stripe account or in your admin account of your (clients) website.

If it is changed in your Stripe account then it has nothing todo with wordpress/woocommerce.

If it is changed in the admin area u should be able to find the whole banknumber instead of the last 4 digits.

Depending on where things happend u should talk to stripe or better protect your admin area.

Think about 2 factor authentication on the admin area or even better change your hostfile so that the admin area can only be accessed by your own IP address. What i usually do is block datacenters, VPN services and other types of connections like this as much as possible since all the crap always comes from those kind of connections.

As an example (for those who use wordfence) my wordfence logs don’t show any blocks on sites where i use this kind of protection and on the plus size u need way less resources if u block them upfront instead of running after them.

Hi,

If there is money transferred away from stripe then that money went some where, follow the trail and u will find the thief!

With that being said u should also consider better protection for your website and report the theft to the police (eventhough they won’t be able todo much u want the theft tobe documented). Even security programs like Wordfence don’t do enough to prevent these kind of things. as an example check your logfiles and u will see that half of the connections that are being made are bassicly unwanted. Get rid of the unwanted connections and u will have a top nutch secured website.

If u need any advice on how todo this let me know and we can work something out!