Ah, welcome to 2015! Recently, we were caught up in the latest Drupal hack-fest. Not a fun process - basically someone was able to "inject" new pages directly to our site. Since they didn't touch our base site, most of us never noticed until some funny "search results" kept coming back:
So, to answer most of the emails I've received - No, we are not selling Viagara, Finpecia, or any of the other numerous drugs referenced in our search results. ;)
However, more than just the hack - It was an interesting lesson for me on "service". Essentially, the provider who created our Drupal site decided not to follow up on the "risk/hack" issue with us. They essentially said that since we didn't buy their support plan, they forgot to notify us. (More interestingly, they never offered us a plan in the first place, but I digress).
At any rate, I feel they lost a golden "sales" opportunity once the hack was announced. Certainly, we most likely would have allowed them to patch our site. I am sure there were many other "non-contract" shops in the same boat.
But even if we decided not to patch, we would have at least been "warned", which would have allowed them to at least keep the relationship.
As it stands, however, we have since moved on. I feel the lack of initiative in "protecting" their clients really didn't add up to allowing them to continue on as our vendor.
So please enjoy our new site. Hopefully this new site will prove more secure than our last. And I hope your web site never gets hacked.
And for us, We plan on connecting with all of you - even those without a support contract - to continue to discuss updates and upgrades to your various systems. I know they often seem like a waste of money - but in my case it turned out to be a bigger waste of time.