Mageworx has been compromised
Unfortunately, we have been notified that the support ticketing system for Mageworx has been compromised, resulting in a full data leak of all credentials you may have supplied to them if you have contacted them for support.
If you have not used any Mageworx modules or provided credentials to them, you should not worry. However, it would still be wise to follow a strong security practice. You can find more information on securing your store in our latest articles for preparing for peak
, specifically, securing your store
Your store is at risk, specifically your
What you need to do
Our team has already taken steps to automatically revoke all Mageworx VPN bundles. This was performed simultaneously on all customer stacks at 22:30 on 12/11/2015.
However, we cannot automate the removal of any administrator users you may have created for Mageworx.
You must review all your existing administrator and API users and remove any accounts you are not familiar with or that have been issued to Mageworx. In addition, you must change all of your existing Magento administrator passwords for the accounts that remain.
Sonassi would strongly recommend operating a secure store policy and we have put together a checklist you can follow to ensure that your store is secure, you can find it here, https://www.sonassi.com/blog/security-check-list