“Automattic had a low-level (root) break-in to several of our servers, and potentially anything on those servers could have been revealed,” WordPress founder Matt Mullenweg explained on the WordPress blog on Wednesday. Mullenweg goes on to write that WordPress is reviewing the logs and suspects its source code was copied. The company has little advice for users other than to strengthen their passwords. Not only is the WordPress blog hosting affected, but many of Automattic’s other services are potentially at risk.
The consequences of this attack will definitely be felt by the major VIP members of the WordPress service, such as NASA, CBS and The New York Times. Alexia Tsotsis from TechCrunch (also a VIP member) says “VIP customers are all on ‘code red’ and in the process of changing all the passwords/API keys they’ve left in the source code.” Tsotsis says that Automattic is downplaying the potential severity of this attack.
There has been a bevy of hack attacks lately against big-name companies, such as the DDoS attacks against Sony PlayStation by Anonymous, the EMC breach and Epsilon, and let’s not forget that this isn’t the first time WordPress has been attacked.
WordPress was hit hard in 2009 when hidden admin accounts were created as back doors. Just last month, WordPress also suffered a huge DDoS attack, affecting 10 percent of its hosted sites. Let’s remember that this blog host serves some 18 million sites. Mullenweg originally believed the March Distributed Denial of Service attack was politically motivated and came from China, though he later changed his thoughts on who the culprits may be. There’s no word yet that this April root break-in is politically motivated, but these attacks may be building to some sort of crescendo.