Performancing Metrics

Hackers Breach WordPress.com Servers

Automattic (the company behind WordPress.com) was unfortunately targeted by hackers recently and suffered a breach upon their servers.

Tough note to communicate today: Automattic had a low-level (root) break-in to several of our servers, and potentially anything on those servers could have been revealed.

We have been diligently reviewing logs and records about the break-in to determine the extent of the information exposed, and re-securing avenues used to gain access. We presume our source code was exposed and copied. While much of our code is Open Source, there are sensitive bits of our and our partners’ code. Beyond that, however, it appears information disclosed was limited. (Official WordPress Blog)

To their credit Automattic alerted the community regarding the breach, a habit I wish was emulated within other industries (who often inform users days if not weeks later).

Automattic is still investigating the hack although there doesn’t seem to be any evidence of any passwords compromised, however the company is recommending that users change their passwords.

It’s also a good idea for self hosted blogs using WordPress.com services (like VaultPress) to change their WP.com passwords as well.

Note: For those of you who are extra paranoid, you can also change your username as well by visiting your Global Dashboard, then clicking on “Personal Settings” in the sidebar, then scrolling down to the “Account Details” section and clicking on the “Change” link next to your user name.

Although this breach indirectly affects self hosted WordPress fans, it might be wise to verify your hosting companies security defenses, as well as install a few plugins (like Login Lockdown) upon your site.

Categories: WordPress News
Tags: ,

This post was written by . You can visit the for a short bio, more posts, and other information about the author.

Comment with Your Facebook Account

Comments

  1. Grim Cris ) says: 4/14/2011

    We just can’t hide from hackers attack, but we can try. I think that WordPress will come up with a new version soon. A much more stable one.

    Reply