WordPress.com hack exposes confidential code
Multiple servers rooted
The company that maintains the WordPress.com blogging platform said hackers gained root access to its servers and made off with sensitive code belonging to it and its partners.
Wednesday's advisory from Automattic is the latest to detail a breach at a company entrusted to keep customer information private. The company, which serves about 18 million publishers, said employees are still determining exactly what data was stolen, but the initial assessment didn't look good.
“Automattic had a low-level (root) break-in to several of our servers, and potentially anything on those servers could have been revealed,” the company's founder, Matt Mullenweg, wrote. “We presume our source code was exposed and copied. While much of our code is open source, there are sensitive bits of our and our partner's code. Beyond that, however, it appears information disclosed was limited.”
In the comments section to his post, Mullenweg said there's no evidence that passwords were exposed, “and even if they had they'd be difficult to crack.” He advised users to change their passwords anyway, especially if the same one is used in two or more places. WordPress passwords are hashed and salted using the Portable PHP password hashing framework, he added.
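To make concrete what "hashed and salted using the Portable PHP password hashing framework" means for an attacker holding a copy of the user table, here is an added illustration, written for this page rather than taken from Automattic or from Openwall's phpass code. It reimplements phpass's "portable" $P$ scheme (salt plus a power-of-two count of iterated MD5), verifies the published phpass test vector, and runs a small dictionary attack so the per-hash cost of the salt and iteration count is visible. The wordlist and the "correct horse" password are constructed for the demo; the default count of 2^13 rounds is what WordPress's $P$B hashes use.

```python
import hashlib
import hmac
import os

# phpass "portable" hashes ($P$ / $H$), the format WordPress stores in wp_users.user_pass.
# Reimplemented here for illustration (not Openwall's PHP code): salted, iterated MD5.
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"


def _encode64(raw: bytes, count: int) -> str:
    """phpass's own base64 variant: little-endian 24-bit groups, no padding."""
    out = []
    i = 0
    while i < count:
        value = raw[i]
        i += 1
        out.append(ITOA64[value & 0x3F])
        if i < count:
            value |= raw[i] << 8
        out.append(ITOA64[(value >> 6) & 0x3F])
        if i >= count:
            break
        i += 1
        if i < count:
            value |= raw[i] << 16
        out.append(ITOA64[(value >> 12) & 0x3F])
        if i >= count:
            break
        i += 1
        out.append(ITOA64[(value >> 18) & 0x3F])
    return "".join(out)


def iteration_count(setting: str) -> int:
    """MD5 rounds encoded in the 4th character of a $P$/$H$ string (0 if malformed)."""
    if len(setting) < 4 or setting[:3] not in ("$P$", "$H$"):
        return 0
    count_log2 = ITOA64.find(setting[3])
    if count_log2 < 7 or count_log2 > 30:
        return 0
    return 1 << count_log2


def _crypt_private(password: bytes, setting: str) -> str:
    """Port of PasswordHash::crypt_private: full hash string, or '*0'/'*1' on bad input."""
    output = "*0"
    if setting[:2] == output:
        output = "*1"
    count = iteration_count(setting)
    if count == 0 or len(setting) < 12:
        return output
    salt = setting[4:12]
    # First round binds the salt; every further round re-mixes the password.
    h = hashlib.md5(salt.encode("ascii") + password).digest()
    for _ in range(count):
        h = hashlib.md5(h + password).digest()
    return setting[:12] + _encode64(h, 16)


def hash_password(password: str, count_log2: int = 13) -> str:
    """Fresh $P$ hash with a random 8-character salt. count_log2 == 13 gives the
    '$P$B' prefix and 8192 rounds that WordPress produces."""
    if not 7 <= count_log2 <= 30:
        raise ValueError("count_log2 must be between 7 and 30")
    setting = "$P$" + ITOA64[count_log2] + _encode64(os.urandom(6), 6)
    return _crypt_private(password.encode("utf-8"), setting)


def check_password(password: str, stored_hash: str) -> bool:
    """Recompute under the stored salt/count and compare in constant time."""
    computed = _crypt_private(password.encode("utf-8"), stored_hash)
    if computed[0] == "*":
        return False
    return hmac.compare_digest(computed, stored_hash)


def crack(stored_hash: str, wordlist) -> tuple:
    """Offline dictionary attack on one hash: (recovered password or None, MD5 calls spent).
    Each hash carries its own salt, so this work is paid per user, not once per wordlist."""
    rounds_per_guess = iteration_count(stored_hash) + 1
    tried = 0
    for candidate in wordlist:
        tried += 1
        if check_password(candidate, stored_hash):
            return candidate, tried * rounds_per_guess
    return None, tried * rounds_per_guess


if __name__ == "__main__":
    # Known vector from phpass's own test.php: password 'test12345', 2^11 rounds.
    print(check_password("test12345", "$P$9IQRaTwmfeRo7ud9Fh4E2PdI0S3r.L0"))
    h = hash_password("correct horse")  # constructed demo password
    print(h, check_password("correct horse", h), check_password("Correct horse", h))
    print(crack(h, ["password", "123456", "correct horse"]))  # constructed wordlist
```

The salt defeats precomputed tables, and the 8192 rounds multiply the cost of each guess, which is what makes a stolen table "difficult to crack" rather than impossible: a weak password that is in a wordlist still falls, just 8193 MD5 calls later, and a password reused on another site is exposed there regardless. Hence the advice to change it.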
Mullenweg didn't say how hackers were able to root multiple servers belonging to his company but said it has “taken comprehensive steps to prevent an incident like this from occurring again.”
Automattic joins companies including RSA Security, Epsilon, and an unnamed reseller of SSL certificate authority Comodo in admitting to breaches that put their customers at risk. So far, there's little public evidence about who is responsible for the hacks.
With about 12 percent of websites running WordPress, the platform has long been a target of hacks. In 2009, a spam-friendly worm attacked older installations of the program, including that of tech blogger Robert Scoble, who lost two months of blog entries as a result. It was the second time that year that his blogging software had been exploited.
More recently, WordPress.com came under a massive denial-of-service attack that made it impossible for many of its users to publish their content.
Source code stored on Automattic's servers includes API keys and Twitter and Facebook passwords that can be used to gain access to sensitive information, TechCrunch said.
COMMENTS
Note to Self
Must remember to change root admin password from "admin"
aaah
From TechCrunch, a site on Wordpress VIP hosting, who often use editorial to criticise hosting problems they have. They're great :|
Source Code on Servers?
How long has ionCube been around? Or there's HipHop, the Facebook open-source converter for PHP that allows development in PHP but then converts/compiles it as C++ and reduces the number of servers needed by half.