Tech Crunch Hacked by OurMine: Are Our Websites Safe at All?

Bulletproof Backups for Your WordPress Website

Fortify your business continuity with foolproof WordPress backups. No data loss, no downtime — just secure, seamless operation.

As a lot of us following technology news might know by now, TechCrunch was hacked today, by OurMine. The message left by hackers was caught just before the post was taken down:

According to OurMine’s website, the organisation is made of “professional hackers and vulnerability assessors” who “only care about the security and privacy of your accounts and network”.

And while a tech security company hacking sites to expose vulnerabilities is not very big news; what makes it newsworthy, is the size and reputation of the enterprise being hacked, which in this case, was TechCrunch.

For those of you not in the know, TechCrunch was built on WordPress, which is a hot target for hackers due to the CMS’ popularity. Close to a third of the world’s websites run on WordPress– if you’re a WordPress user, this might alarm you. And while we don’t yet know if the vulnerability exploited by OurMine was on WordPress, the case of TechCrunch is especially disturbing.

This is because TechCrunch was hosted on WordPress VIP. VIP services include priority hosting, offering the best enterprise solutions; and starting at $5,000/month they do not come cheap. As part of the VIP service, the website’s code is subject to rigorous code reviews from the best developers at WordPress. In addition, this service also included a host of security measures that included PAAS, DDOS mitigation, two-factor authentication and an antivirus (among other things). Basically, TechCrunch functioned in the most secure WordPress environment available.

If companies that can afford the best security measures are vulnerable, then it is a signal that there is no foolproof way to safeguard your website.

However this isn’t to say that WordPress VIP and TechCrunch were completely vulnerable. As seen in the thread, the post was taken off TechCrunch’s site within the hour, and things went back to normal almost immediately.

This hasn’t been our experience in general with websites though. In fact, some of our clients have been hacked for years before they even found out about it.

This is what inspired us to work on our new WordPress website security product that will be out soon. It scans for hacks, and auto-cleans them with a single click.

Apart from this, we’re big believers in having a WordPress backup, because it’s the one way you can be completely sure that the damage is reversible.

You may also like


Fix: WordPress 403 Forbidden
Fix: WordPress 403 Forbidden

Stuck with a “403 Forbidden” error while trying to access your WordPress site? It’s a little scary and quite cumbersome but you can troubleshoot WordPress errors like this.  It’s a…

Fix: WordPress 413 Request Entity Too Large
Fix: WordPress 413 Request Entity Too Large

Fixing errors in WordPress site is like hitting a digital roadblock. It can be frustrating and disruptive. But, you’re also left wondering why this is happening to you.  The “413…

How do you update and backup your website?

Creating Backup and Updating website can be time consuming and error-prone. BlogVault will save you hours everyday while providing you complete peace of mind.

Updating Everything Manually?

But it’s too time consuming, complicated and stops you from achieving your full potential. You don’t want to put your business at risk with inefficient management.

Backup Your WordPress Site

Install the plugin on your website, let it sync and you’re done. Get automated, scheduled backups for your critical site data, and make sure your website never experiences downtime again.