We have a small business website that has been compromised. They are somehow getting customers' order details and contacting them requesting their credit card details. We have had our web team and a third-party IT company looking into it and we can't find out where the breach is.
There seems to be no suspicious access on the database, and none of the website code seems to have been altered.
There are also no new admin users and no unexpected logins from existing user profiles in the logs. We have changed all passwords we can think of, but they still seem to be able to get the order details. This guy had the same problem back in April (exactly the same, even the same name used, Lucy Whetton), but he hasn't posted what the solution was.
Email phishing scam asking customers for card details
Does anyone have any ideas?
By the way, we have and are contacting all customers immediately to tell them not to respond to these phishing emails.