Website hacked, haven't heard back from WordPress

  • Unknown's avatar
    spacecrow · Member ·

    I’m posting from my old WordPress account. My other paid account (from which I run my theatre company’s website) has been hacked. No one else has access to the password, but someone managed to get in, change the background image of the website, and change the password and the admin e-mail associated with the account.

    I submitted a complaint to WordPress via the security form three days ago, along with my API key and preferred contact e-mail. I’ve had to cancel the credit card associated with the account and I’m getting a lot of complaints from site viewers, but I haven’t heard anything from WordPress yet.

    Does anyone have any suggestions for getting back into the site or getting a response from WP admin?

    The blog I need help with is: (visible only to logged in users)

  • Unknown's avatar
    auxclass · Member ·

    What is the URL of the site you are having trouble with?

    I have also flagged this for staff attention

    Some general guidelines are below for “hacked” sites

    The only “hacked” sites I have seen here have been people getting the password somehow to a site so you do want to be careful how you log in and use a tough password.

    You should also check to make sure that someone has not added a new user to your site. Problems have also happened when there was more than one Admin. and an Admin left on less than graceful terms.

    Dashboard >> Users

    Many times a users email is hacked or the password guessed and the email account is used to get access by requesting a password reset – you need to change your email password and make sure they nobody has been added to your email account.

    You should also run a virus check on you PC to make sure your PC does not have a security issue that has compromised your email or WordPress.COM log-in information (also your bank etc. if you do online banking or retirement accounts)

    There have also been a few Posts on “hacked” sites and it was because someone got the Post by Email address and using the Post by Email to send in new Posts, if you have Post by email disable the Post by Email and regenerate the address. Spammers have scripts the generate email addresses and they sometimes can get a valid address for a Post by Email address.

    If you are really concerned you could as the staff to look at your site: http://en.support.wordpress.com/contact/

    You could also use a secure log-in in case you are on an unsecured link: http://en.support.wordpress.com/https/

  • staff-blorbo · Staff ·

    Sorry for the trouble!

    To restore access to the account, please visit https://en.wordpress.com/wp-login.php?action=lostpassword and click “Need More Help?” if necessary.

    We’ll take everything from there.

  • The topic ‘Website hacked, haven't heard back from WordPress’ is closed to new replies.