WP Theme Maker ‘Templatic’ Hacked, Customer Login Information At Risk

If you have ever purchased a premium WordPress template from the popular theme provider ‘Templatic', you may want to change any of your email/password combinations that might have been the same as your Templatic account. Earlier today, the company issues a customer-wide email blast stating that their website was compromised, and hackers captured their entire user database, threatening to release sensitive information unless a ransom is paid.

The good news is that the company has confirmed no financial information is stored anywhere within the compromised as PayPal or 2Checkout has always handled all the payment processing on their end. This means any previous customers are not at risk of having their credit card numbers or banking info compromised.

However, they are still urging any previouscustomers who may have shared their login details with Templatic support or utilize the same email/password combination for other services (Gmail, iCloud, Facebook, Twitter, etc.) to change these login credentials immediately or you'll risk the potential of the hackers intruding on your accounts. It is always a safe bet to have a full backup of your website files and database for various reasons.

Here's the full customer email sent to me earlier this morning:

Dear templatic customer,

Let me start by saying that templatic has never ever stored any credit card information on our site. All the transactions are only ever handled directly by PayPal or 2Checkout. Our site is only integrated with the above secure payment gateways so your financial data is always safe and never stored by us. In fact, we never had access to your credit card or financial information. Now I will go into detail and share what's happened.

Our site was hacked recently

As announced on our social media accounts a few hours ago, our site was recently hacked and our databases compromised. It looks like the hacker may have gained access to our files and databases on our server. We are actively working with sucuri.net to clean and protect the site.

Hacker is demanding ransom money

The hacker is now threatening us via email and demanding ransom money be paid. This hacker is also threatening to misuse the data they've illegally gained access to and email our data to customers. While this is a very serious and dangerous threat, we are not going to give in to threats and we will not be negotiating with any hacker and that's no matter how much they try. A security expert has been assigned to this case and investigations are now being conducted. We are also taking legal action against all the illegal activities the hacker has been involved in.

What you must do immediately

  1. If you ever shared your site login information with us such as for your cPanel, FTP or wp-admin, you should immediately change the logins.
  2. If you are using any of our products that use the “Tevolution” plugin and you haven't yet updated the plugin, please follow the instructions in this post (https://templatic.com/news/security-vulnerability-found-themes/) and update the plugin immediately.
  3. Make sure no unknown files are present on your site. We strongly advise you to scan your site now by using security sites such as sucuri.net
  4. In case you are using the same email ID and password for your email account and your account at templatic, you must also change the logins for your email immediately.
  5. Please take a full backup of your site and database.

You might receive fake emails pretending to be “templatic” or exposing data.

The hacker has threatened to publicly share our files and other data and to email our customers. In case you are ever contacted, I sincerely urge you to ignore and delete it.

This email we are sending today to you is the last email we will send regarding this matter.

Anything further, we will share it on our social mediate accounts at twitter, facebook and our official blog here.

I sincerely apologize that this has happened

We have been serving our customers for 8+ years now and will continue to serve you happily. We are always trying to innovate a little bit more than what is possible by default with WordPress. As templatic founder, I take up the responsibility of this and I sincerely apologize to each single one of our customers. We assure you that we are taking best security measures and fight this, no matter what.

We are here to help. Please contact us should you have any concerns or queries.

Yours Sincerely,
R. Bhavesh,
Founder – Templatic.com