OpenCart Community

Hello everyone,
a few days ago somebody entered my store (I sell digital downloadable files) and downloaded several of our products without paying from them.
He created a new account, placed several orders and downloaded the files.
Of course, It was intentional and he has stolen our products.
The problem is that he never went through Paypal fo finalize the orders, there is no trace on my Paypal account of his orders.
We use only Paypal in my store.
I have received the usual emails from Opencart "Order # - You have received an order" and Paypal was indicated as the "Payment Method" but in some ways he bypassed Paypal... How is possible?
Is there a way to prevent this to happen again?

We use OC - 2.3.0.2

Thanks a lot for any suggestion.

You could've been simply hacked. Or maybe there's a whole somewhere in your system. It's absolutely impossible to say anything for sure without looking into the issue personally.

I know I have been Hacked, I don't think is a problem of my system because I use the "default" template and I have installed only a couple of extensions.
My question is if there are others that have got the same problem and how have they solved it?
Is there an Extention that helps fix it?

There's no extension "that helps fix it". Every such issue is to be investigated manually, because you don't know how exactly you were hacked. Maybe it was server exploit.

I can't see that anything like this has been reported before. There's a small chance that if could be the result on incorrectly configured payment statuses in the payment module or OpenCart settings.

Other than that you would need to go through your OpenCart error logs and web access logs at the time the orders were made looking for clues.

You may also want to check no files on your server have been modified and change all passwords.

I use Crawlprotct on my OC sites. Even though it 's not developed anymore it's a good script. I would upload clean OC files, change all your passwords including FTP and Cpanel etc and put crawlprotect on.