Blog and Main Email Hacked
-
Please help me.
It seems my blog http://www.shalloweuphoria.wordpress.com has been hacked. It keeps on saying wrong password when I thought I perfectly remember what my password is. I tried your password recovery methods but no notification is being sent to my main email that is linked to the shalloweuphoria.wordpress.com account.
It seems my password for shalloweuphoria.wordpress.com has been reset by someone else, and then the linked email address was also changed. No trace also of the authentication number from my main email! I am starting to think these were all wiped out by the hacker of said email! I also have no transaction receipts with wordpress because I am only a free user.
I have other old wordpress accounts (including this one that I am using to send this writeup) that I am not using anymore. these are all linked to old email addresses of mine. I opened all these old email addresses that I own just in case the password recovery link for shalloweuphoria.wordpress.com account might get sent there, but nothing! All these old wordpress accounts i have are still properly linked to the respective old emails,. The anomaly is only on my current blog http://www.shalloweuphoria.wordpress.com.
Please help me. Is there any way I could prove ownership of http://www.shalloweuphoria.wordpress.com and prove my identity as well, aside from the three standard verifications you have in your Support page?
-
I tagged this with modlook to get attention from Staff. They can see in the log files what happened to your blog.
-
-
Hi there,
Your site at https://shalloweuphoria.wordpress.com/ belongs to the username, shalloweuphoria.
That account has not been hacked, but you are correct that the password has been reset. We reset the password two weeks ago as a security precaution after we found the same password you were using for that site in a list of hacked passwords from another service. In other words, your WordPress.com account was using the same password as your account on another website. The account on that other website was hacked and your password stolen, so we reset the password on your WordPress.com account so the stolen password cannot be used to hack your account with us as well.
We sent you an email to the address on that account when we did this, but it appears that email bounced with an error that your email address no longer exists. The password reset emails are also bouncing for the same reason.
If you no longer have access to the correct email address for that account, please submit our account recovery form instead. That is the only other way to regain access to that account.
If you can’t provide any verification info required by the account recovery form, we cannot give you access.
-
Dear Sir,
that is not fair, how can I provide the verification being asked in the Recovery Form when the activation URL you require is precisely in the former email that doesnt exist anymore and that bounces back as you said! I dont even know or remember what email you are referring to?
I tried opening all my emails and none of those received the Password Activation Link.
I do not have the transaction ID because I am a free user, nor the two factor authentication code.
How can you reset my password unilaterally, without notifying me and asking for my permission? If you yourself said that the email that links to my blog did not exist anymore, then how am I going to retrieve the activation URL???
Your procedure is flawed and circular.
I can provide you all my existing email addresses. And all the other old wordpress accounts that I own. Should I even send you documents proving my identity? and compare it with the contents of my blog, my information there, and even the drafts saved but not published? I am willing to prove my identity in ways other than required in the Account Recovery Form, as those three are impossible to supply now.
-
Sir/Wordpress,
Please don’t ignore my concern. You can actually verify that I own shalloweuphoria.wordpress.com by reading and comparing the contents of such blog.
1. at this posts:
https://shalloweuphoria.wordpress.com/2016/04/24/muted-boldness/
https://shalloweuphoria.wordpress.com/2015/11/29/platforms-and-all/— I mentioned the name of my “old” blog there many times. It is the same account I am using now to write to you.
2. And also you can trace that I’ve been opening both accounts from similar locations. My country, and specific city.
3. If that is not enough, just look at the pictures on both sites. these are all me — one and the same person!
4. Read up on the stories in shalloweuphoria.wordpress.com. Theyre basically continuation of what i’ve been saying in this old account im using now to write you. I’ve been mentioning the same schools, places, family, etc on both blogs over and over again.
How else do I prove to you that the shalloweuphoria account and this malcolmfabness account are owned by one and the same person.
I can send you copies of any proof of my identity — IDs, and whatnot.
I cannot believe that in an attempt to protect me from hackers, wordpress basically became the very hacker of my account. You changed my password without my knowledge. You are currently hijacking my password, and only you can open it. no other people can – not even me!
What is the point of protecting your users from hackers when by your own doing, those users end up not being able to use the platform anyway? This is so unfair and illogical.
Please tell me I can still recover my blog. That blog means a lot to me. You cannot imagine how devastating this is. ughh.. -
Hi. wordpress unilaterally changed my password for my blog http://www.shalloweuphoria.wordpress.com
Then when I complained, wordpress said that they just noticed that they sent the new password to an email which seems “to not exist anymore” and they just noticed when I complained that your notification for my new password “bounced back” to you.Can you please resend the password to the email registered to my account? where you sent it the first time? and see if it still bounces back?? Please I cannot use the Account Recovery Form because I have no activation URL, transaction ID (as im a free user) nor that two factor authentication thing.
So please just resend my “new password” that wordpress unilaterally assigned to me back to my registered email, and I’ll see if i can recover it from there. I recovered an email address that might be the one I used to create my shalloweuphoria account.
Please I can provide what email address that is if you need me to. -
Hi there,
I can certainly understand how losing access to your account can be frustrating. However, we must take account security as a top priority. As requested I resent password set email to the owner of
shalloweuphoriawhich was delivered.If you do not receive the email you may request a new email here:
https://wordpress.com/wp-login.php?action=lostpasswordWithout an email from the address on the account or a proof of ownership token there’s nothing else we can do to reset the password on the account.
-
I got the email for password change, and was able to reset my password. now I have the blog back.
Thank you, but the procedure where you lock us out of our accounts and reset our passwords without knowledge and permission is just unfair and so inconvenient. If I hadn’t complained you wouldn’t have noticed that the email address where u sent the new password notification/link has been deactivated for lack of activity and that it bounced back to your servers or something.
I appreciate the help though. so thank you.
-
Hi there,
Thanks for your feedback, we are actively working on improving our service. We’re trying to make it easier WordPress.com account owners to always have a valid email address on their accounts and constantly review our account recovery options.
If you ever do change your email make sure to keep it updated at:
https://wordpress.com/meThanks again for the feedback and glad you were able to recover your account.
- The topic ‘Blog and Main Email Hacked’ is closed to new replies.
WordPress.com Forums 