PDA

View Full Version : Security incident at Automatic/Wordpress.com



Harold Mansfield
04-13-2011, 04:19 PM
It appears that there was a low level hack of the Automatic servers where some information was disclosed.

Matt has announced on the WordPress blog that there has been a low-level root break-in and that anything on the server could have been revealed.

The guys at Automatic are working hard to determine what information has been stolen as well as re-securing the server.

This has no effect on self hosted Wordpress users, unless they are hosted by Automatic. The article also says that some Facebook and Twitter passwords may have been compromised.

You can read a short article about it here:
Security Incident Hits Automattic Affecting WordPress.com Users | WordPress News at WPMU.org (http://wpmu.org/security-incident-hits-automattic-affecting-wordpress-com-users/)

Techcrunch:
Hacker Gains Access To WordPress.com Servers, Site Source Code Exposed (http://techcrunch.com/2011/04/13/hacker-gains-access-to-wordpress-com-servers/)

And on the Automatic blog:
Security Incident — Blog — WordPress.com (http://en.blog.wordpress.com/2011/04/13/security/)

vangogh
04-14-2011, 11:56 AM
I caught the news yesterday. Still not a lot of details about what happened though I imagine it will take some time to find those details and they may or may not be shared.

I think this mostly shows how popular WordPress has become with the mainstream. It's success is leading it to become a target. On the bright side I expect Automattic will pay more attention to fixing security holes than other businesses might.

KristineS
04-15-2011, 12:02 PM
I heard about this, but didn't pay a lot of attention because I figured it didn't impact my blogs (yes, it's all about me!). It does seem there has been a lot more hacking lately though. Not sure what's up with that.