Security Updates

Or

Contact us via the chat channel on any page of the BlogVault website or on the BlogVault dashboard.


 

 

 

If you have questions about the security issue we’re currently facing, please click on the button above, for some of the common queries our customers have had.

If your question isn’t here, please do get in touch with us. We’re here to help.

 


8:12pm (UTC + 5:30) | Feb 4, 2017

 

Hi,

I’m Akshat, the founder of BlogVault. Here at BlogVault we have been committed to providing highly secure backups.

Unfortunately, I am reaching out to let you know that some of the data on our systems may have been exposed. We are investigating the issue, and will ensure to keep you updated as and when we have more details.

Meanwhile, we have undertaken a list of precautionary measures and we’re sharing what we already know with our entire customer base.

 

What We Are Doing to Secure Your Website

Due to the breach, some of our customers’ websites were accessed without authorization. After further investigation we found out that these sites had been injected with malware. We have taken immediate action and we are extensively scanning all those identified sites. We are also conducting granular analyses of our systems.

We’ll soon update you if your sites are affected. We will also be sharing the specific list of sites affected with each site owner. We will also update those owners whose sites have not been affected to avoid any unnecessary worries. Where we have identified issues, we are cleaning the malware to secure all data. If your web host has suspended your site then please contact us.

Please note that at this point all backups are safe; and have not been compromised.

We have also updated the BlogVault plugin in the WordPress repository with additional security measures. We request you to update the BlogVault plugin to version 1.45 on all your sites at the earliest.

 

All login, FTP and payment-related data is safe!

  • We DO NOT store your credit card information or payment details.
    They are processed via Stripe, which uses the best security practices, and is completely safe.
  • We DO NOT store your sites’ SFTP/FTP credentials.
    They have not been compromised.
  • We DO NOT store the WordPress admin credentials to any of your sites.
    They are safe as well.

 

What You Can Do Now

Please update the BlogVault plugin to version 1.45.

We aim to be abundantly cautious as we move forward.

We have reset the BlogVault account passwords, of our entire customer base. (Please note that all your passwords were encrypted; and none of them were stored in plain text. This makes recovering the passwords extremely difficult). In order to access your account, please follow this link and reset your BlogVault password again.

We sincerely apologize for the inconvenience caused.

We share your concerns, and we are working hard to not only find out more about the issue, but also to review and make our system more robust. Security is of utmost importance to us and we’re committed to giving you as much information as we can. Please follow this page for updates about our investigations and support. Please do contact us if you have any further queries.

 

Sincerely,
Akshat Choudhary
Founder, BlogVault


Or

Contact us via the chat channel on any page of the BlogVault website or on the BlogVault dashboard.