Automattic, the company behind WordPress.com, has announced that hackers have breached its security and broken in to several of its servers, putting any information on them at risk.
Automattic and WordPress founder Matt Mullenweg says that Wednesday’s incident was a low-level root access breach. The company is reviewing its data logs to figure out what information may have been stolen and is working on patching any holes in its security. It seems unlikely that personally identifiable user information was taken during the attack, but Automattic has yet to complete its investigation.
“We presume our source code was exposed and copied,” Mullenweg stated on the company’s blog. “While much of our code is open source, there are sensitive bits of our and our partners’ code. Beyond that, however, it appears information disclosed was limited.”
WordPress was the target of a high-profile attack in 2009 that utilized a security exploit in its popular blogging software to create new “hidden” administrator accounts. Today’s security breach is much different than the 2009 incident. If you host a WordPress.org website on your own servers, you shouldn’t be affected, but Automattic suggests that you make sure your various online accounts utilize a variety of strong passwords.
{ 0 comments... read them below or add one }
Post a Comment