Insurance and Security

Experiencing a breach: How a business owner overcame a hack

One business owner recalls how a cyberattack affected his website, and how the business recovered.

Published: October 04, 2018

We came into the office one day, and the phones were ringing like crazy. We’ve always told our customers to call us if they received an odd message related to their accounts with us. But in this case, the strange things they were getting were coming from us. Our server was emailing our customers weird messages, a lot of it in foreign languages. At the same time, we were receiving thousands of web form submissions in different languages and hits on our website from all over the world — Russia, Spain, and France. This was strange, because we’re a U.S.-based company and can only work with U.S. citizens.

The attack had completely overwhelmed the site. The attackers were using a process of bots, hitting the site over and over. They got inside our actual files and placed code on the individual pages that was routing the information to a new server.

Halting business

On that first day, we pulled down our entire website. The web developers I work with told me they could remove just the malicious code, but I said, “I don’t care. I want it all gone.” Since we are mostly online-based, it shut our whole business down. We pulled every file down from our server and started from scratch.

Our accounts hold information like customers’ names, addresses, and dates of birth — things that would be valuable to the dark web community. In this situation, we were especially fortunate that our payment processing runs through a third party. We are fully PCI-compliant and don’t store credit card numbers. Even on accounts dealing with customers’ finances, we don’t store the full account number ourselves.

Communicating the breach

Immediately, we sent a mass notice to every one of our customers. We explained what could have occurred and what personal information could possibly have been compromised. We also encouraged customers to contact us if they had any issues or needed help with their file.

The business takes in about $100,000 to $150,000 a month in revenue, and we lost 10 to 12 days while the website was being rebuilt. We also rely heavily on referrals, so we definitely lost additional customers beyond the signups we missed during that downtime. And we had another $10,000 to $12,000 in site costs. Altogether, this cost us about $50,000.

Taking action

Ultimately, we decided to move to a different web-hosting company. We also added some code to the website that monitors changes. If the site gets changed and we weren’t the ones that did those changes, we’d know it as soon as it occurred. We haven’t had a notice since. We also took the opportunity of rebuilding the website to relaunch with a new logo and an improved look and feel.

We have always taken privacy very seriously and continue to take every available measure to protect our customers’ information.