Password theft, blogs deleted, sabotage…
-
Hi
I use this account professionally at my job at the Town Hall. Someone guessed my password (believing a similar post where support claims its impossible to hack).This was a vicious theft and sabotage. Password reset, and one by one, all blogs deleted.
tomartourism.wordpress.com
congressodasopa.wordpress.com (to which I had http://www.congressodasopa.com forwarded)
diadaespiga.wordpress.com (to which I had http://www.diadaespiga.info forwarded)
cineteatroparaiso.wordpress.com
campingtomar.wordpress.com (to which I had http://www.campingtomar.com forwarded)
thrillingdreams.wordpress.com
tomar2010lego.wordpress.com (to which I had http://www.tomar2010legofanevent.com forwarded)Look at the timeline:
to {removed}@gmail.com
date 4 June 2010 16:58
subject [ Thrilling Dreams ] Delete My Blog
…
…
{removed}@gmail.com
date 4 June 2010 17:05
subject [ Tomar 2010 LEGO® Fan Event ] Delete My Blog
…
WordPress.com
to {removed}@gmail.com
date 4 June 2010 17:07
subject [ Tomar ] Delete My BlogStrangely, on my gmail account (that had same password) the messages were unread (not clicking the confirmation links) or they wasted time marking those messages unread…. strange, very odd…
I find it absurd not to allow undeleting a blog. What a waste. Is there nothing you guys can do?
-
You did not specify a blog address or reason for posting when you created this topic.
This support forum is for blogs hosted at WordPress.com. If your question is about a self-hosted WordPress blog then you’ll find help at the WordPress.org forums.
If you don’t understand the difference between WordPress.com and WordPress.org, you may find this information helpful.
If you forgot to include a link to your blog, you can reply and include it below. It’ll help people to answer your question.
This is an automated message.
-
-
This is a public forum and anyone can now read what you posted above. The Volunteers answering questions on this forum cannot help you. This is the contact link for Staff. http://en.support.wordpress.com/contact/
-
Also read this and understand why posting email addresses on public forums is unwise. Spam harvesting bots will now coolect all your email addresses and spam the crap out of them. http://onecoolsitebloggingtips.com/2007/10/18/eluding-email-address-spam-bots/
-
If your password was guessed, then it was not strong enough, and having a password that can be guessed does not move this into the realm of “my blog has been hacked.” Having a password people can guess is the problem.
The number one rule of creating a strong password: If you can remember it, it isn’t strong enough. You have to use upper and lower case letters, number and symbols in your passwords.
The strength of your password is the weakest link in your security chain.
-
Contact staff as Timethief recommends, give them all the details and see what they have to say. They have logs of all the activity, so they can look back through this and figure out what happened.
-
-
-
Are you the only Admin? If not then do know we have heard about this kind of ‘sabotage” over and over again. That’s why the support documentation contains a warning about assigning user roles.
http://en.support.wordpress.com/user-roles/
It’s also why under passwords/security you find another warning and some advice > http://en.support.wordpress.com/passwords/#securityAs TSP says Staff have a log and can see who did what and when they did it.
-
Also, if you blog from work, did you perhaps leave wordpress logged in while you were at lunch or something like that? If you did, someone could have used your computer to get into the dashboard and change the password and the email associated with the account. From there, it would have been easy for them to log in with the new password and delete the blogs.
- The topic ‘Password theft, blogs deleted, sabotage…’ is closed to new replies.
WordPress.com Forums 