Unsurprisingly, it happens a lot.
GoDaddy has released new data on the prevalence of very small businesses being hacked, including having their website hacked.
The numbers are staggeringly high, but I suppose it shouldn’t be surprising. As someone who has operated WordPress websites since 2005, I’ve had my share of being hacked.
GoDaddy has unique data given its size. It analyzed 65,477 requests for help with hacked sites over one year. It found that over half of the cases of WordPress sites involved sites running outdated versions of the software. Of course, it’s not just WordPress sites that get hacked.
In 83% of cases, the hackers added backdoors that would let hackers back in even after cleaning up the offending files. As for the goal of the hackers, it seems like adding spammy/SEO pages is the most common.
The company’s average cleanup involved 110 files but reached as high as 35,057 for a single hack.
Having a technical expert available to quickly fix a hacked site is key. Not surprisingly, GoDaddy has security services including hack cleanup to sell. Personally, I have a web developer on call that can fix any issues like this. When you get hacked, time is of the essence.