It looks like this was updated 12 days ago (from this message). Did you add an account recovery number at that time?

I strongly recommend that you check the number that's on file (you can check it by going to WordPress.com and checking your personal settings), and if it's your number you should be fine.

If it's not, please update it and change your password for your WordPress.com account and your email address.

Then read this please knowing that blogs don't get hacked when security protocols are followed. > http://en.support.wordpress.com/security/

1. If you can log-in go here > Users > All Users and delete any user that does not belong there.

2. Disable post by email > http://en.support.wordpress.com/post-by-email/

3. Disable post by voice > http://en.support.wordpress.com/post-by-voice/

4. Change your blog password to a very difficult one > http://en.support.wordpress.com/passwords/#change-your-password

5. Use a secure, encrypted connection to connect to your Dashboard. Under Users → Personal Settings, check the box that says “Always use HTTPS when visiting administration pages, and click Save Changes.

I tagged this thread for Staff. Please subscribe to it so you are notified when they respond.