News Headline
Panamanian Firm Helps Hide Trillions in Offshore Accounts
Mossack Fonseca: Inside the Firm That Enables the Super-rich.
You’ve undoubtedly heard or read about this recent news story. Super-rich and super-powerful bigwigs hiding billions of ill-gotten gains in secret accounts. Oops, not so secret, it turns out! A massive data leak from Mossack Fonseca, a Panamanian law firm, has outed hundreds of these stashes.
It’s an ugly story, but oh, well. Just moguls and their lawyer hirelings at it again.
Nothing to do with you, right? Well, think again…
Out of Date WordPress Website Software and Security
What we now know about this now infamous data leak is that the culprit wasn’t a whistle-blowing insider, but a hacker who exploited gaping vulnerabilities in Mossack Fonseca’s primarily WordPress-based web presence.
Those vulnerabilities were a direct result of one thing: Mossack Fonseca failed to keep its web security up to date.
Some elements were years out of date, some only months. But all contributed to the hack.
WordPress blogger Sarah Gooding analyzed the situation this way:
“This leak is not a blow to open source software’s credibility but rather underscores how low a priority some companies place on their tech departments and web security. With the rampant software vulnerabilities in this age, not updating software for years constitutes abject neglect of customers. The bottom line is that software needs to be updated.”
To which we’d add: regularly.
Take This Example to Heart
My guess is that, if you’re a small business or nonprofit manager, you don’t know with certainty whether this dilemma applies to your web presence. That means you’re likely vulnerable. And, as we just noted in a prior article concerning ransomware, that means everyone who visits you online is vulnerable, too.
Your organization may or may not use WordPress to power your website. But the bottom line is that, whatever software you use, the key to protecting your company’s and your customers’ data is keeping your software up to date.
Specifically though, if you do use WordPress…
Prevention Is Affordable for WordPress Websites
Of course, those lawyers didn’t keep their website security up to date because doing that costs millions, right. Well, think again, again…
The solution is not that expensive because it’s really pretty simple. As WordFence (a WordPress security software company) says:
“To protect your WordPress installation it is critically important that you update your plugins, themes, and core when an update becomes available. You should also monitor updates for security fixes and give those the highest priority.”
But you have to monitor and update regularly. That takes someone with both the time and the know-how.
If you have someone like that on your team, great. Put ‘em to work. If not, or if you don’t even have a “team,” that’s where a trusted web consultant comes in.