Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; plgContentYoutubeEmbed has a deprecated constructor in /home/expatspa/www/plugins/content/youtubeembed/youtubeembed.php on line 17
11 Lessons We Learned When We Got Hacked.

11 Lessons We Learned When We Got Hacked.

If you’ve ever been robbed, you’ll probably understand what it feels like to be hacked.

It’s as though you’ve been violated, and even if you recover the things that were stolen, you’ll always remember the experience.

This was how we felt here, at Expats Paris, when our website (yes, this exact website you’re on) was attacked late April this year. We were victims of a hacking operation against our entire system.

Hundreds of Expats Paris’s files were compromised and used for fraudulent purposes (spamming, web redirects, malware distribution, etc.).

Our engineers had to work on these issues for more that forty eight hours to get (almost) everything in order again.

They cleaned up the server and re-uploaded our entire website.

It was the very first time we experienced this and on the “up” side, we learned a lot from this experience, and are the better for it.

I’d like to share our findings with you hoping you’d find some help on how to protect your online business.

1. Our website’s ranking decreased on Alexa and Google search.

Websites rely on many tools to monitor their growth, influence and success.

As we are membership-based, in order to build a following and increase subscriptions, utilizes various tools to expand its audience and drive traffic to the site.

When we were hacked, our ranking was negatively affected, leaving us scrambling to find ways to get it back to where it used to be.

The advantage of either Google or Alexa ranking is that both these tools help webmasters, advertisers and marketers see the true marketing potential of a Website.

The better a website’s Google or Alexa rank, the higher business opportunities it will attract.


The image you’re looking at here is a screengrab of what our Alexa website’s ranking is this morning. The most important info here are the global and national (France) ranks. Globally, our website ranks on 370,098 and 10.533 in France.

These figures have been improving the day we entered the recovery period.

When we got hacked, we went down to the 450.177th position globally and 13.516th in France.

2. Failure to cover cyber security basics for a website can be fatal.


Website security tips courtesy of

We learned (the hard way) that not having adequate security for a website or computer system can lead to disastrous results.

Network outages, compromised data and computer viruses are just a few of the things that can cripple websites and affect online operations.

It can be extremely difficult and costly to recover from such an attack, and in some cases, you might have to start from scratch.

The loss of confidential information may lower the trust users have in your site, and may turn away potential visitors, too.

3. Importance of a recovery plan.

At Expats Paris, we’re huge fans of automation.

We automate almost everything; social media posts, newsletter and event reminders.


In the same spirit of automation, we had an automatic backup of everything that was saved in our system, which helped to minimize the damages and effort involved in getting back online and running smoothly.

It is a very good practice to do this on a regular basis for a website.

You never know when you’ll need it, and we were very glad we’d built this into our security procedures.

4. Growth (popularity) & vulnerability.


“...and that visibility which makes us most vulnerable is that which also
is the source of our greatest strength.”― Audre Lorde

You’ve seen it happen.

A little known music group or a budding actor suddenly becomes famous and is immediately a target for nasty gossip and slander.

The same can happen in any field.

Growth will increase the popularity and visibility of your website online, which is great.

But it can also add to your vulnerability to attack, making you a veritable bull’s eye for people with nefarious intentions.

It certainly happened to us.

Perhaps we should be flattered, yes?

5. The importance of communicating with community members.

In the unfortunate instance that you’re ever hacked, letting people know right away is a good thing, especially if you have a lot of members and sensitive information.


At Expats Paris, we announced the incident immediately, apologizing for the circumstances via email & social media and assuring everyone that the problem would be solved quickly.

The word got out, and people were responsive and appreciative of our efforts.

6. You may lose some members.

Right after Expats Paris announced what happened to the website, some members dropped their subscription with us.

It’s unfortunate, but that can happen.

Don’t worry about any fallout that might occur; just be upfront with your membership / followers / subscribers, because honesty really is the only way to go.


For the ones you lose, you’ll gain many others in return.

7. Messages of support & encouragement started coming in.


 Lovely tweet from Bellanda ® @BellandaInParis

As bad as things were at the time, the love and support Expats Paris received was amazing.

It helped us through a bad time and restored our faith in humanity during a period when we seriously doubted it.

So chin up, it won’t last long, and you do have people in your corner, supporting you and cheering you on.

There’s always a silver lining.

8. It can happen at anytime.

Maybe you’re at a friend’s wedding.

Or, you could be on vacation like I was in the south-east of France on a long weekend, enjoying the beautiful landscapes of the Drôme & Ardèche regions when it happened.


Most of my colleagues were away, too, which slowed our response.

Bad things happen, whether or not we want them to.

Always be prepared, is our motto.

9. The importance of having a qualified technical team.

expats-paris-development-team is maintained by Web-design devils, an India-based firm that delivers cost effective, reliable and result-oriented web solutions.

These guys were very responsive and professional and started to work on our issue right away once they were informed of the breach.

Are you happy with your website maintenance team?

Perhaps, check to see what their plan is should have you a similar problem.

It would be a good idea to make sure you have everything in place in order to avoid any possible difficulties down the line.

10. The web hosting company’s support must be good and available twenty-four-seven.


We were lucky, at Expats Paris, with our hosting company, OVH.

The response and support we received was excellent.

Are you satisfied with yours? Are they diligent about security?

Can you call or tweet at anytime with a question?

Are they patient and responsive?

These are just some of the things to consider, as we did, to help you breathe easier and ensure you have the best team on hand in case of an emergency.

11. Don’t panic, it’s not the end of the world.


At Expats Paris, we knew the situation was dire, but we believed this wasn’t the end of the world and there wasn’t any reason to panic.


Because we had everything in place to help us get the website back online as soon as possible.

It was hard work, but we did it.

But it could have been worse, had we not already had a plan in the event something like this happened.

The bottom line is this:

Bad things happen.

All you can do is have the best plan in place to protect your website, a responsive hosting company and a good technical team.

You’ll be able to handle the worst, should it land on your website’s doorstep.

There is life after being hacked. It’s not pleasant, but because we were prepared, it was at least tolerable. 

It can be the same for you.

Thanks for reading! Did you like this article? Has something similar happened to you or someone you know?

We’d love to hear how you handled the situation. Please share your experience in the comments section below.



Last modified onWednesday, 19 October 2016 10:12
Rate this item
(1 Vote)
back to top