(The Hosting News) – Thousands of WordPress.com blogs founded themselves feeling the wrath of hackers recently. According to a Tuesday report from The Hacker News, users began receiving password reset notifications from the popular blogging platform.
“We recently detected suspicious activity on your WordPress.com account. To protect your identity and keep your site safe, we’ve reset your password,” was the message WordPress.com blog owners reportedly got.
One user in particular told the news source that when logging into his WordPress.com account, a posted article featured a spam advertisement pushing users to get paid for survey taking.
“Get Paid $5-$40 per survey, and they just take 5-10 minutes each!” read portion of the text.
The extent of the attack was noted when the Hacking News Google-searched “site:wordpress.com “Im getting paid!”. The result? A large number of WordPress.com sites are present in results.
Security firm Sophos, meanwhile, talked to Automattic’s Barry Abrahamson who told the security firm that a server breach was not the blame for the hack. Instead, users were likely “sharing the same password across multiple services,” he told Sophos.
“It’s good news that the sites hosted on WordPress.com weren’t hacked due to a vulnerability. After all, many blogs choose to host on WordPress.com in order to avoid the headache of managing their own security and updates on self-hosted WordPress installations,” the security company commented through its Naked Security blog. WordPress.com hosts over 56 million blogs worldwide.