[truthfinder007]

I think the use of "reporting" is a stretch.. you're speculating and twisting information in your favor.

You're right, data was exfiltrated... Do we know if the portal was on the same server as the website? You seem to be making that connection, but that hasn't been illustrated.

So if you're opinion is that it was either a Drupal or WordPress attack vector, why not highlight that in your article or subsequent email? Based on your email, you imply it was WordPress but fail to make this point...

[mmaunder]

OK "truthfinder007" whose account was created 2 hours ago and has karma of 2. I think I've had about enough of what's going on here. Tell your boss I say hi and that he owes me a beer at the next wordcamp. ;-)

Edit: And then I looked at your comment history. Seriously? http://i.imgur.com/HBqJ8vV.png

[RawInfoSec]

Okay Wordfence CEO.

How the hell does your product prevent SQL injection attacks on a payment processor outside of the Wordpress ecosystem??? ( http://www.theregister.co.uk/2016/04/11/hackers_pwn_mossack_... )

You guys are a joke.