Or go to our Shopify Theme Detector directly
How to Recover a Shopify Website after a Hack
Last modified: May 26, 2023
Cybercrime is a massive problem across the world. Shopify is no stranger to it. An app was found to have a vulnerability in 2019 that leaked the details of 10,000 stores across the internet. The problem was fixed and Shopify has spent millions in searching for and resolving other issues. However, the biggest problem with Shopify security is human error.
What is Human Error and Hacking?
Human error is when the actions of the person make the hacking possible. This does not include software issues that a developer has done. These sort of activities include giving data away to criminals through phishing emails or they could have stolen log in details from another site that is also used on Shopify.
These human errors can account for almost two-thirds of all the hacking cases available.
How to Spot a Shopify Website that has been Hacked
Several signs may show when your website has been hacked. Here are some of those signs:
- Google may show that your website has been hacked.
- New pages suddenly appear on your website.
- You get an ‘Account Suspended’ message on your Shopify store.
- The website is blacklisted by Google.
- Your website becomes slow.
- Google Ads are disapproved for software on your website.
How to Fix a Hacked Shopify Website
To fix this problem there are several things that you can do. Here is a list of activities to help you.
- See which user has made changes to your website through the yourstore.myshopify.com/admin/activity page.
- Check the recent login history and the permissions to see if there are staff accounts that have been changed.
- Check for strange activity by looking at accounts for location, date, ISP, IP address and the location of the login.
- Reach out to the Shopify support team.
- Re-create all the accounts, emails and re-assign new passwords.
- Enable Two-factor Authorisation on your account with SMS.
- Do not use a password manager on your website.
- Enable a Two-step authentication process on your website. This prevents those who have your website from still using it.
- Remove email as a backup.
- Use the Google Auth app.
- Ensure there is a backup of your store and restore it when there is a hacking problem.
- Change passwords across your accounts. Ensure that you don’t have the same password for two accounts.
- Ensure you have a good Shopify security app on your Shopify website.
Final Word: How to Recover a Shopify Website after a Hack
About 50% of all stores will suffer from a website hack at some point. Online stores are prime targets because they often contain lots of information that cybercriminals can use to steal money from others. Not only that, criminals can take money directly from your store. If you think you’ve been hacked, start to implement some of the actions above to ensure that you are protecting your customers.