What is the real cost of a hacked WordPress website?

Cost of a Hacked website

Ever wondered how much it would cost if your website got hacked?

The real cost of a hacked WordPress website could be much, much higher than you ever imagined.

Ok, so it’s hard to put a value on a website, especially without having any information. You may have paid little for it, you may have paid a lot, but if you’ve developed it over time it’s probably worth a lot more than you paid for it. If your website works, even if it’s not as well as you would like, it’s worth more than you think: here’s why:

  • Your SEO – you will have a Google ranking and you may have invested in SEO
  • Your content – you may have developed a blog, content, products, services – it all adds up
  • Your customers are finding you and using your website to purchase directly or get background information
  • Your brand and goodwill – it’s all tied up in your website

If you have to redevelop it all from scratch, how long would it take?

So, let’s take a rough guess at how much it would cost if your website got hacked

My findings are based on allowing my own website to get hacked just to find out what would happen. Yes, I really did that, and you can read about it here.

Let’s take a website that generates £100,000 a year in revenue and has been in existence for two years. It a purely arbitrary figure to help present a case. It could be an e-commerce store a site that generates leads, or a brochure site that backs up your proposition.

The true cost of a hacked WordPress website

[vc_separator type=”normal” color=”#202020″ thickness=”1″ up=”20″ down=”20″][vc_column_text]

Issue Description Cost
New website You will need a new website designed and developed. It will need to be much more secure than the one you just lost. It will have to be GDPR compliant. Some data recovery may be possible. £5,000
Lost trade A sensible new website development will unlikely be less than 8 weeks. You will probably spend a couple of weeks finding a good web development agency and creating the brief. In that time you may have lost 10 weeks of trade. £19,230
Lost SEO rankings You will need to start all over again. This will take time to build. I have allowed what is probably a modest 20% drop in sales over the next 12 months. £20,000
Original site cost Let’s assume that you paid £3,000 for the original site that got hacked. £3,000
Website developments Over the last two years you may have paid for SEO work, content writing, social media marketing, product and service development or adding e-commerce products to a database. There could be many other elements.  So I’ll just take figure £500 a month in added value to the site over 2 years. £12,000
Goodwill It’s very hard to put a price on this, but you could lose trust in your customer base and suffer a dent in your business reputation. I’ll allow 10% of the turnover while you re-build that trust. £10,000
Total This is what it could actually cost you if your website get’s hacked £69,230

[/vc_column_text][vc_separator type=”normal” color=”#202020″ thickness=”1″ up=”20″ down=”20″]

I know this is highly speculative, but it does give a good impression of the kind of losses in a hacked WordPress website that you may not have considered. This is without any additional fines and hidden costs that could be incurred by failure to meet with GDPR compliance.


Filed under: WordPress best practice, WordPress security