/>
X
Innovation

WordPress hacked in root-level attack

Hackers appear to have stolen source code in a root-level attack on WordPress that could compromise its VIP clients including NASA, the BBC and the New York Times.
darren-pauli.jpg
Written by Darren Pauli, Contributor on

Hackers appear to have stolen source code in a root-level attack on WordPress that could compromise its VIP clients including NASA, the BBC and the New York Times.

Root

(cmd.exe image by N3wjack, CC BY-SA 2.0)

Attackers compromised Automattic, the company that maintains the popular WordPress publishing platform, and broke into to several servers, gaining access to "potentially anything on those servers", according to the company.

WordPress founder Matt Mullenweg said in a statement that it was unlikely that access details were stolen.

"We presume our source code was exposed and copied. While much of our code is Open Source, there are sensitive bits of our and our partners' code. Beyond that, however, it appears information disclosed was limited," Mullenweg said.

"Our investigation into this matter is ongoing and will take time to complete."

Details were scant on the impact to the estimated 30 million publishers serviced by WordPress, but most customers responding to the WordPress statement were grateful of the disclosure.

Mullenweg advised customers to change passwords and ensure that they are different across websites.

Editorial standards

Related

Trade in your old devices for Amazon gift cards. Here's how
Google Pixel Car Crash Detection

Trade in your old devices for Amazon gift cards. Here's how

Kindle Scribe vs ReMarkable 2 Tablet: Digitize your notes
remarkable-2.jpg

Kindle Scribe vs ReMarkable 2 Tablet: Digitize your notes

XeroLinux could be the most beautiful Linux desktop on the market
The default XeroLinux desktop.

XeroLinux could be the most beautiful Linux desktop on the market