Tech Crunch Hacked by OurMine: Are Our Websites Safe at All?

Bulletproof Backups for Your WordPress Website

Fortify your business continuity with foolproof WordPress backups. No data loss, no downtime — just secure, seamless operation.

As a lot of us following technology news might know by now, TechCrunch was hacked today, by OurMine. The message left by hackers was caught just before the post was taken down:

According to OurMine’s website, the organisation is made of “professional hackers and vulnerability assessors” who “only care about the security and privacy of your accounts and network”.

And while a tech security company hacking sites to expose vulnerabilities is not very big news; what makes it newsworthy, is the size and reputation of the enterprise being hacked, which in this case, was TechCrunch.

For those of you not in the know, TechCrunch was built on WordPress, which is a hot target for hackers due to the CMS’ popularity. Close to a third of the world’s websites run on WordPress– if you’re a WordPress user, this might alarm you. And while we don’t yet know if the vulnerability exploited by OurMine was on WordPress, the case of TechCrunch is especially disturbing.

This is because TechCrunch was hosted on WordPress VIP. VIP services include priority hosting, offering the best enterprise solutions; and starting at $5,000/month they do not come cheap. As part of the VIP service, the website’s code is subject to rigorous code reviews from the best developers at WordPress. In addition, this service also included a host of security measures that included PAAS, DDOS mitigation, two-factor authentication and an antivirus (among other things). Basically, TechCrunch functioned in the most secure WordPress environment available.

If companies that can afford the best security measures are vulnerable, then it is a signal that there is no foolproof way to safeguard your website.

However this isn’t to say that WordPress VIP and TechCrunch were completely vulnerable. As seen in the thread, the post was taken off TechCrunch’s site within the hour, and things went back to normal almost immediately.

This hasn’t been our experience in general with websites though. In fact, some of our clients have been hacked for years before they even found out about it.

This is what inspired us to work on our new WordPress website security product that will be out soon. It scans for hacks, and auto-cleans them with a single click.

Apart from this, we’re big believers in having a WordPress backup, because it’s the one way you can be completely sure that the damage is reversible.

You may also like


How to Limit Form Submissions with Droip in WordPress
How to Limit Form Submissions with Droip in WordPress

Forms are an indispensable part of any website because of their versatility, letting you collect information for various purposes! However, people with ill intentions often attempt to exploit these forms…

Manage Multiple WordPress Sites
How To Manage Multiple WordPress sites

Management tools help agencies become well-oiled machines. Each task is completed with the least amount of effort and highest rate of  accuracy.  For people managing multiple WordPress sites, the daily…

PHP 8.3 Support Added to Staging Feature
PHP 8.3 Support Added to Staging Feature

We’ve introduced PHP version 8.3 to our staging sites. Test out new features, code changes, and updates on the latest PHP version without affecting your live website. Update PHP confidently…

How do you update and backup your website?

Creating Backup and Updating website can be time consuming and error-prone. BlogVault will save you hours everyday while providing you complete peace of mind.

Updating Everything Manually?

But it’s too time consuming, complicated and stops you from achieving your full potential. You don’t want to put your business at risk with inefficient management.

Backup Your WordPress Site

Install the plugin on your website, let it sync and you’re done. Get automated, scheduled backups for your critical site data, and make sure your website never experiences downtime again.