How Hackers Broke My Business: A Personal Tale from the Dark Side

Do you take your website security seriously enough? I didn’t, and hackers broke my business. I thought I did take security seriously enough, but I didn’t know what I didn’t know and it cost me. 

It cost me time.

It cost me money.

It cost me relationships.

How Hackers Broke My Business

“It’s time,” I announced to my husband. “I’m going to get serious about building this business.”

“I thought you already were serious about it,” came his muttered reply.

“I have been, but now I’m going to invest in making it grow.”

I had talked to my dad and he was willing to invest some capital, so I went in search of a “professional design company” to help me build my brand, my website around my brand, and ultimately my business.

After dropping around $1500.00 (maybe not that much for some folks, but a lot for a homeschooling mom of three boys building a business from scratch), I launched. 

Everything went fine until it didn’t. When it didn’t, I went in search of answers. My hosting company was a huge help. What they discovered was a small bit of replicating code that had spread out through my website. 

The good news was they had found the issue that had crashed my website. The bad news was the code replicated somewhere else every time it was deleted. “You are going to have to rebuild your site.”

The most frustrating part of the attack is that I had no clue. If my website hadn’t gone down for an unrelated issue, then the code would not have been discovered until it was too late. As it stood, my delays allows hackers to break my business.

What I Did Wrong

1. I skimped on security. Who would want to hack a tiny website like mine, right?
2. I didn’t back up often enough. The closest backup we had without the tiny, replicating code from hades was months old. Too old for someone creating daily content.
3. I didn’t listen to those who knew better. People in the industry (at WordCamps and WordPress Meetups) had hammered the notion of security, but it went in one ear and out the other. “I’ll worry about that when my business takes off.”

I knew from the beginning the importance of security. If I had learned from past experience (someone broke into our small house when we were first married and had NOTHING), then I would have prepared better.

Would of, could of, should of are the three links to hindsight success – which doesn’t actually exist.

Instead, I did as little as I could while spending even less and the results slammed me in the long run. It will always cost more to lose what you’ve built than it will to protect what you’ve built.

Overcoming a Broken Business

The company that had JUST built my website wanted to charge me more money to reload the theme they had used. They also said they wouldn’t be able to get to it for another week. 

I didn’t have a week to wait. The whole reason I had invested in the update of my website was because of an event I had coming up . . . in a week. I needed my website going and I needed it going right.

[pullquote]I cried for three days. Nothing hurts as much as losing your $1500 investment, except losing the money someone else invested in you because they believed in what you were doing.[/pullquote]

Once I got the tears out, I got to work. I chose a new theme. I loaded up security plug-ins. I began meticulously sorting the content on my website to move over only what wasn’t infected by the code from hades. It took several days and required all of my time and focus. 

• I missed out on an awards dinner for the boys.
• I missed out on sleep (which made me even more stressed).
• I missed out on the little income I had started producing on my website.
• I missed out on being able to do what needed to be done for the upcoming event.
• Most importantly, I no longer had the $1500 investment or the website that had come from that investment. 

Hackers Gonna Hack

Did you know that hackers will use a herd of small websites to wreak havoc on the internet? I can promise you that now I do. 

Hackers will set code to launch at a certain date and will use multiple sites to make more of an impact. The more vulnerable your website, the more likely hackers are to use your site in one of these types of attacks. It’s not personal – unless you are on the receiving end of the hack.[pullquote]Hacking is not personal – unless you are on the receiving end of the hack.[/pullquote]

Learn more about the 5 common reasons why WordPress sites get hacked.

5 Lessons Learned from a Broken Website

I had to learn the hard way after hackers broke my business. Learn from my mistakes and take these suggestions to heart.

1. Don’t wait. Now is the only time you have to protect your website.
2. Don’t skimp. If you are going to invest in anything, invest in security. It does no good to have the perfect website if a hacker crashes it. Investing in iThemes Security Pro allows you to have peace of mind knowing someone has your back.
3. Don’t go it alone. If you don’t know what you don’t know then you can’t know what you need to do. Talk to someone who knows more than you about internet security. Spend some time educating yourself with this WordPress security guide.
4. Don’t relax. Keep up good WordPress security best practices to be certain your website is locked up as tight as you can make it.
5. Don’t let it go. Back up your content on a regular basis (regular being based on how often you post content). A WordPress backup plugin like BackupBuddy makes easy by taking care of regular backups for you.

It took some doing (and help from more than a few friends), but I had my website ready for the event. It wasn’t what I had planned. It wasn’t what I had paid for. But it was a website that was hacker-free.

Don’t be me. Protect your website and your business.

Get iThemes Security Pro