WordPress Mass Breach
A recent WordFence report indicates that an enormous 1.4 BILLION WP username and passwords were leaked on December 5th. As a result there has been a massive increase in brute force attacks against all WordPress websites and we’ve been seeing record numbers too.
Please be aware this potentially affects any WordPress install at any Hosting Provider
This is the highest volume WP attack in history and it is vital that best security practices are enforced to keep your data safe and secure on our servers.
WebZer has taken measures on all of our shared platforms to prevent further attacks to any sites via their wp-login.php scripts. These attacks are being filtered by our servers and over 10,000 unique IP’s have already been blocked. We have also increased the sensitivity of these checks to reduce the chance of unauthorized access.
You can help too.
1. Install WordFence on your WordPress site
2. Change your administrator password now.
3. Delete any administrator/editor accounts that are unused.
4. Use WordFence to monitor your incoming wp-login.php traffic with e-mail alerts.
5. Do not reuse a password on multiple services!
While hacks and leaks like this can be concerning, by following our quick checklist you will significantly reduce any potential threat to your sites. Should you need any assistance our support team is here to help. You can get in touch through tickets/e-mail.
All our clients that are on the WordPress Hosting package have been updated by us, there is nothing you have to do if you are on those account.