jump to navigation

Security Incident (via WordPress.com) April 13, 2011

Posted by nrhatch in Blogging.

Just wanted to make sure all of you who blog on WordPress saw this . . .

Tough note to communicate today: Automattic had a low-level (root) break-in to several of our servers, and potentially anything on those servers could have been revealed.

We have been diligently reviewing logs and records about the break-in to determine the extent of the information exposed, and re-securing avenues used to gain access. We presume our source code was exposed and copied. While much of our code is Open Source, there are sensitive bi … Read More

via WordPress.com News

Matt’s advice from the article:

Based on what we’ve found, we don’t have any specific suggestions for our users beyond reiterating these security fundamentals:

Use a strong password, meaning something random with numbers and punctuation.

Use different passwords for different sites.

If you have used the same password on different sites, switch it to something more secure.

(Tools like 1Password, LastPass, and KeePass make it easy to keep track of different unique logins.)

I did change my WP password and also changed similar passwords used on other sites.  You might want to do the same.

Related:  The Art & Science of Getting Good WordPress Support


1. Debra - April 13, 2011

Thanks Nancy…glad you posted as this was the first I saw of it.:)

nrhatch - April 13, 2011

You might want to subscribe to WordPress.com news. Just click on the article and then subscribe to updates on that blog.

2. Carol Ann Hoel - April 13, 2011

Thank you for letting us know. I’ll change my WP password and perhaps some others. Blessings…

nrhatch - April 13, 2011

I probably should change more of my passwords as I’ve been using some of them way too long.

Just One MORE Thing to add to my To Do list. 😉

3. Cindy - April 13, 2011

Just saw it, added to my list too 😦

4. souldipper - April 14, 2011

Thanks for the notice, Nancy. I’ve changed my password so if you never hear from me again, it’s because I am completely swamped in all the artwork needed to make a strong new password!!

5. barb19 - April 14, 2011

I saw it Nancy, but thanks for spreading the word to others who might not have seen it.
I’m changing my passwords just to be on the safe side.

6. jannatwrites - April 14, 2011

Thanks for sharing, Nancy. I had not seen this. I have different passwords for everything, but I’ll change WP anyway.

7. Tilly Bud - April 14, 2011


8. Alannah Murphy - April 14, 2011

Thanks for sharing. Going to go change my WP wordpress now…

9. suzicate - April 14, 2011

Thank you…I swear I can’t remember my passwords. I am going to have to keep a record of anything I change or I’ll be even more lost than I usually am!

10. nrhatch - April 14, 2011

I read through the thread of comments on the Matt’s post last night.

The vast majority seemed to accept that “break ins” are part and parcel of doing business on the internet. Only a few angry voices raised.

11. oldancestor - April 14, 2011

Time for some Star Trek technology: Retina scans

nrhatch - April 14, 2011

That is an awesome idea, OA. 😎

I’m tired of keeping track of all my passwords. I’d like something that I can’t forget and others can’t easily duplicate.

12. Carol Ann Hoel - April 14, 2011

I changed some passwords. I may never get into WP again without looking in my password book. By the time I ramped it up to “strong,” it was too strong for me, too. 🙂 Thanks for the warning. Blessings to you, Cindy…

nrhatch - April 14, 2011

I know just what you mean, Carol Ann. I found out that my password was “weak.” Now, it’s so complicated that I’m apt to find myself on the wrong side of the locked door. 🙂

13. Sandra Bell Kirchman - April 14, 2011

I saw it too – I have so many internet accounts to various websites that, if I change my password, I am doomed.

However, I use something that was recommended by my bank. It’s called Trusteer and not only protects my password, but protects any website I ask it to, including, of course, my online banking sites. Once you install it, it is very easy to use. You can set it for weekly reports as well. I was appalled at how many various invasion attempts it is stopping, but very glad it was stopping them.

You can go here to check it out: http://www.trusteer.com/learn

nrhatch - April 14, 2011

Thanks, Sandra.

I hope that Trusteer is trust-worthy and keeps your information safe from intruders. 😀

The internet is a wonderful asset, but it’s also a potential liability due to all the personal information we store on line.

What Say YOU?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: