/>
X
Innovation

WordPress hacked in root-level attack

Hackers appear to have stolen source code in a root-level attack on WordPress that could compromise its VIP clients including NASA, the BBC and the New York Times.
darren-pauli.jpg
Written by Darren Pauli on

Hackers appear to have stolen source code in a root-level attack on WordPress that could compromise its VIP clients including NASA, the BBC and the New York Times.

Root

(cmd.exe image by N3wjack, CC BY-SA 2.0)

Attackers compromised Automattic, the company that maintains the popular WordPress publishing platform, and broke into to several servers, gaining access to "potentially anything on those servers", according to the company.

WordPress founder Matt Mullenweg said in a statement that it was unlikely that access details were stolen.

"We presume our source code was exposed and copied. While much of our code is Open Source, there are sensitive bits of our and our partners' code. Beyond that, however, it appears information disclosed was limited," Mullenweg said.

"Our investigation into this matter is ongoing and will take time to complete."

Details were scant on the impact to the estimated 30 million publishers serviced by WordPress, but most customers responding to the WordPress statement were grateful of the disclosure.

Mullenweg advised customers to change passwords and ensure that they are different across websites.

Editorial standards

Related

How to use your phone to diagnose your car's 'check engine' light
BlueDriver Bluetooth dongle

How to use your phone to diagnose your car's 'check engine' light

For $2, you can finally give your Mac an incredibly useful feature Windows has always had
cleanshot-2022-08-16-at-22-34-232x

For $2, you can finally give your Mac an incredibly useful feature Windows has always had

Elon Musk drops details about Tesla's humanoid robot
tesla-humanoid

Elon Musk drops details about Tesla's humanoid robot