{"id":737,"date":"2017-10-02T11:07:28","date_gmt":"2017-10-02T03:07:28","guid":{"rendered":"https:\/\/2017.singapore.wordcamp.org\/?post_type=wcb_session&#038;p=737"},"modified":"2017-10-03T10:52:33","modified_gmt":"2017-10-03T02:52:33","slug":"disaster-management-for-when-you-get-1000s-of-customers-hacked","status":"publish","type":"wcb_session","link":"https:\/\/singapore.wordcamp.org\/2017\/session\/disaster-management-for-when-you-get-1000s-of-customers-hacked\/","title":{"rendered":"Disaster management for when you get 1000s of customers hacked"},"content":{"rendered":"<p>What does disaster look like to a WordPress plugin developer? It&#8217;s never fun to find out the hard way. This talk will be in the form of a few short stories about one disaster my company (BlogVault) faced recently: a major plugin vulnerability. I&#8217;ll be telling you what we did when more than 1000 of our customers got hacked overnight through our plugin&#8230; and how we recovered. Although this was one of the most harrowing experiences in the history of the company, it taught us quite a few lessons:<\/p>\n<ul>\n<li>Act fast: Minimize damage, fix the root cause.<\/li>\n<li>Communicate, communicate, communicate: Be honest &amp; clear with your team, partners, and customers about your next steps.<\/li>\n<li>Be prepared for curveballs: Not everything can be planned. Forgive delays and mistakes.<\/li>\n<li>Fix everything: You don&#8217;t know what&#8217;s broken (for sure). Reinforce it all.<\/li>\n<li>What happened when? Stressful times call for simple measures. Note down what happened (and when). It&#8217;ll help with communications.<\/li>\n<li>Eliminate doubt: Our internal tool helped us identify signs of malware from 200,000 sites, but we also needed reaffirmation.<\/li>\n<\/ul>\n<p>What not to do when you face such a disaster:<\/p>\n<ul>\n<li>Panic: This only makes everything worse.<\/li>\n<li>Shy away from the truth: Whether your customers or partners leave isn&#8217;t up to you. Your company&#8217;s integrity is.<\/li>\n<li>Focus inwards only: Your business is about your customers, who are having a tough time. Help them first.<\/li>\n<\/ul>\n<p>The Ultimate Takeaway: Reach out to the community. Lots of people have been in the same situation.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>What does disaster look like to a WordPress plugin developer? It&#8217;s never fun to find out the hard way. This talk will be in the form of a few short stories about one disaster my company (BlogVault) faced recently: a major plugin vulnerability. I&#8217;ll be telling you what we did when more than 1000 of &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/singapore.wordcamp.org\/2017\/session\/disaster-management-for-when-you-get-1000s-of-customers-hacked\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Disaster management for when you get 1000s of customers hacked&#8221;<\/span><\/a><\/p>\n","protected":false},"author":13549797,"featured_media":0,"template":"","meta":{"jetpack_post_was_ever_published":false,"_wcpt_session_time":1509169200,"_wcpt_session_duration":3000,"_wcpt_session_type":"session","_wcpt_session_slides":"","_wcpt_session_video":"","_wcpt_speaker_id":[668],"footnotes":""},"session_track":[13411],"session_category":[],"class_list":["post-737","wcb_session","type-wcb_session","status-publish","hentry","wcb_track-track-1"],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p8hrVf-bT","jetpack_likes_enabled":true,"session_date_time":{"date":"October 28, 2017","time":"1:40 pm"},"session_speakers":[{"id":"668","slug":"akshat-choudhary","name":"Akshat Choudhary","link":"https:\/\/singapore.wordcamp.org\/2017\/speaker\/akshat-choudhary\/"}],"session_cats_rendered":null,"_links":{"self":[{"href":"https:\/\/singapore.wordcamp.org\/2017\/wp-json\/wp\/v2\/sessions\/737","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/singapore.wordcamp.org\/2017\/wp-json\/wp\/v2\/sessions"}],"about":[{"href":"https:\/\/singapore.wordcamp.org\/2017\/wp-json\/wp\/v2\/types\/wcb_session"}],"version-history":[{"count":3,"href":"https:\/\/singapore.wordcamp.org\/2017\/wp-json\/wp\/v2\/sessions\/737\/revisions"}],"predecessor-version":[{"id":802,"href":"https:\/\/singapore.wordcamp.org\/2017\/wp-json\/wp\/v2\/sessions\/737\/revisions\/802"}],"speakers":[{"embeddable":true,"href":"https:\/\/singapore.wordcamp.org\/2017\/wp-json\/wp\/v2\/speakers\/668"}],"author":[{"embeddable":true,"href":"https:\/\/singapore.wordcamp.org\/2017\/wp-json\/wporg\/v1\/users\/akshatc"}],"wp:attachment":[{"href":"https:\/\/singapore.wordcamp.org\/2017\/wp-json\/wp\/v2\/media?parent=737"}],"wp:term":[{"taxonomy":"wcb_track","embeddable":true,"href":"https:\/\/singapore.wordcamp.org\/2017\/wp-json\/wp\/v2\/session_track?post=737"},{"taxonomy":"wcb_session_category","embeddable":true,"href":"https:\/\/singapore.wordcamp.org\/2017\/wp-json\/wp\/v2\/session_category?post=737"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}