Account hacked

• 

  dinoschristou · Member · Feb 24, 2020 at 11:57 am

  • Copy link
  • Add topic to favorites

  I started receiving emails from WordPress over the last week and I have now seen that my account has been hacked and a random Russian site setup!! Please can you help asap!

  The blog I need help with is: (visible only to logged in users)

• 

  dinoschristou · Member · Feb 24, 2020 at 11:59 am

  • Copy link

  I have deleted this now and changed my password but please advise if it is secure.

• 

  kokkieh · Staff · Feb 25, 2020 at 7:10 am

  • Copy link

  Hi there,

  Changing your password is the best thing here – there weren’t any password resets on your account prior to the site being created, meaning whoever did it already knew your password. For an extra layer of security, also consider enabling two-step authentication on your WordPress.com account, and any other online accounts that support it.

  Enable Two-Step Authentication

  I checked your email on https://haveibeenpwned.com/, and it looks like it has been involved in a number of known data breaches. If your WordPress.com account used the same password as your account on any of those services, that is likely how this person managed to get in, so also make sure you update your password on any other accounts where you might have been using the same password, or are using the same email address to log in.