Overcome a hack attack and keep customers: a small business tale

NEW YORK—David Perdew learned during his company’s semiannual training workshop in February that its website had been hacked.

A threatening message on the site read: “David Perdew, you owe me money and I will expose the database to the world if you don’t pay.”

Perdew’s company, Novice to Advanced Marketing Systems (NAMS), provides marketing training through in-person workshops and online. The attack forced the company to shut down its site for six weeks, and cost $75,000 in lost revenue and expenses to overhaul its computer system.

“It felt like a personal violation,” he says.

An immediate concern was finding a way to conduct the final sessions of the workshop because the website, with its hostile message, was unusable. An already prepared slide presentation solved that problem.

The company’s tech staffers began working to find out how the website was hacked. Ten hours after the attack was discovered they figured out that a person overseas, who had signed up with NAMS, used his login and technical know-how to invade the system and plant a malicious file.

The next challenge was finding the file. Perdew decided to keep the site down until all 70,000 files in NAMS’ system were combed and moved to a new computer. Thousands of files and software applications were purged.

Staffers then worked on improving the systems’ defences. That included new software, and the creation of 600 passwords, all with 15 to 26 randomly chosen characters.

The company had another issue: Making sure customers didn’t flee. NAMS reached out to them, offered promotions and created new services to encourage them to stay. Perdew says the strategy worked. The company lost only 15 of 2,000 customers.

Perdew says his system is much more secure, but that no computer is foolproof. He says hackers try to enter his system between 3,000 and 4,000 times a day.