The website got hacked. What now?
May 30, 2008 8:57 AM Subscribe
A website I programmed got hacked. Credit card numbers were compromised. What do I do now?
I found the security hole and plugged it up, but at least one or two credit cards have already been stolen. There are a few hundred orders (less than 300) in the system. According to the error logs there were hits to the backend from the UK and Africa.
Obviously, I will recommend that all of the customers be notified. I don't suppose there's any way to do this in a classy manner that won't make our client look bad.
The worst of all is that the client will obviously suffer -- who knows how many of their customers will stop buying from them -- when it was not their fault. I feel like there is nothing I can do to resolve this problem...it's like a nightmare I can't wake up from. Please, please help.