WordPress firm Automattic suffers root-level hack

WordPress firm Automattic suffers root-level hack

Summary: Hackers gained administrative privileges to a number of Automattic servers, WordPress founder Matt Mullenweg has said

TOPICS: Security

Automattic, the company behind blogging platform WordPress.com, has suffered an attack that gave hackers complete access to a number of its servers.

Read this

Anonymous will attack until it 'stops being angry'

The online collective has vowed to keep using distributed denial-of-service attacks against the anti-piracy lobby, according to an interview with the security company PandaLabs

Read more+

WordPress users should take precautions about their passwords, the site's founder Matt Mullenweg said in a blog post on Wednesday. WordPress has nearly 18 million hosted blogs.

"Automattic had a low-level (root) break-in to several of our servers, and potentially anything on those servers could have been revealed," Mullenweg said, adding that Automattic's source code, which is mainly open source, may have been exposed and copied.

The company uses cryptographic techniques including hashing and salting to make it difficult for hackers to crack WordPress users' password details, Mullenweg said. Nevertheless, people should use strong passwords and make sure not to reuse passwords across different websites, the WordPress founder noted.

The company is investigating the breach and has taken steps to re-secure "avenues used to gain access", he said.

WordPress has been the target of attacks in the past. In March the blogging platform underwent a large-scale denial-of-service attack that affected a number of blogs.

Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to start the discussion