I think our account was hacked
-
Hello. It looks like someone was able to hack our WordPress account. They gained access by using one of our users' account information and posted inappropriate content. How could they have hacked into this person’s WordPress account?
-
re: hacked accounts and blogs
If anyone is posting anything to your blog or removing anything from it, or changing anything in it, or if your blog has been deleted and you did not delete it, then it’s most likely that you have provided them with the ability to do so, either deliberately by adding them as official users, or by allowing them access to your login information, or by posting content that makes it easy for them to guess what your log-in information is.
For you, the question that needs to be answered is: Who, aside from me, has access to my login information?
Go to your email program immediately and change the password to a very difficult one because that’s how many hackers gain access to blogs.
Read > http://en.support.wordpress.com/security/
Change your blog password to a very difficult one > http://en.support.wordpress.com/passwords/#change-your-password
You can also reset your password via your Settings tab on the WordPress.com home page:
http://wordpress.com/#!/settings/
Disable post by email https://en.support.wordpress.com/settings/email-post-changes/
If applicable see Removing Users https://en.support.wordpress.com/user-roles/#removing-users
Note that only one Admin per site is recommended for exactly this reason https://en.support.wordpress.com/user-roles/#administrator
Use a secure, encrypted connection to connect to your Dashboard. Under Users → Personal Settings, check the box that says “Always use HTTPS when visiting administration pages,” and click Save Changes.
Use two step authentication http://en.support.wordpress.com/security/two-step-authentication/
Run a security scan on your computer. See here to run a security scan http://geekflare.com/online-scan-website-security-vulnerabilities/
Never leave your computer logged into your blog and walk away from it. Always log out properly.
Also, be aware that Staff have records of who did what under which username and login information and when they did it. I flagged this thread with modlook for a Staff follow-up. Please subscribe to it so you are notified when they respond. To subscribe look in the sidebar of this thread, find the subscribe to topics link and click it. Note that there is a backlog and be patient while waiting.
-
Additional information:
Companies, organizations and groups of any kind do not own sites. Sites are solely owned by the WordPress.COM username account that registers them and who is the original Admin of the site. Only one Admin per site is recommended for exactly this reason: Nothing related to site-administration is off-limits for Administrators, including deleting the entire site. https://en.support.wordpress.com/user-roles/#administrator
-
Hi there,
“How could they have hacked into this person’s wordpress account?”
The only way to “hack” a WordPress.com account is via the password. If the owner of the account had a poor WordPress.com password, a poor email password (anyone with access to the email account can reset the WordPress.com password) or poor browser habits (keeping the browser logged in on a shared computer, saving passwords in the browser, etc.), that could all give an attacker access to their account.
I recommend you insist all users on your site immediately update their passwords for WordPress.com and their email accounts, and enable two-factor authentication on both to prevent something like this from happening again. This might also be a good time to audit existing users on your site, remove any who aren’t active any more, and make sure no one has more permissions than they need – you currently have 3 admins and 7 editors, any of whom can make changes to any post, page or comment on the site.
You can see the links @timethief posted above for more information.
-
Hi,
I just got a reset email from WordPress. Not a request to reset but a notification that it HAS been reset. Thank goodness I had no content on it. But the fact remains that this was done within the account.
This most likely means that my account details have been taken off of the server!!!!
This needs to be flagged and checked on the server side.
-
Please don’t post into old threads with unrelated issues.
Please reply directly to that email if you have any questions about this.
- The topic ‘I think our account was hacked’ is closed to new replies.