We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Hackers gain root access to Wordpress servers

Automattic, the company behind Wordpress, says hackers may have pilfered source code

Hackers have compromised several servers that support WordPress and may have obtained source code, according to the founding developer of Automattic, the company behind the popular blogging platform.

Matt Mullenweg wrote on the WordPress blog that Automattic has been reviewing log records to determine how much information was exposed and re-evaluating "avenues to gain access."

"We presume our source code was exposed and copied," Mullenweg wrote. "While much of our code is open source, there are sensitive bits of our and our partners’ code. Beyond that, however, it appears information disclosed was limited."

Mullenweg wrote that the company had no specific advice for WordPress users besides using strong passwords, not using the same password for multiple sites.

In the comment section of the blog post, a user asked if WordPress stores passwords in plain text or stores hashes of passwords. Mullenweg wrote that WordPress uses the Portable PHP password hashing framework.

"Our investigation into this matter is ongoing and will take time to complete," he wrote. "As I said above, we’ve taken comprehensive steps to prevent an incident like this from occurring again."

The intrusion follows what Automattic described as its worst distributed denial-of-service attack in its history last month, although the attack was thwarted soon after it started.

Send news tips and comments to [email protected]


IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

LED vs Halogen: Why now could be the right time to invest in LED bulbs

IDG UK Sites

Christmas' best ads: See great festive spots studios have created to promote themselves and clients

IDG UK Sites

Why Apple shouldn't be blamed for exploitation in China and Indonesia