WordPress.com Forums » Topic: Illegal posting on my blog http://en.forums.wordpress.com/topic/illegal-posting-on-my-blog WordPress.com Forums » Topic: Illegal posting on my blog en Wed, 19 Jun 2013 19:00:33 +0000 http://bbpress.org/?v=1.1-alpha-2539 pjad on "Illegal posting on my blog" http://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-952531 Sun, 22 Jul 2012 14:06:43 +0000 pjad 952531@http://en.forums.wordpress.com/ Thanks for letting us know about this. We also noticed something suspicious. We have reset the passwords of all affected users and have sent them an email to let them know. If there was any spam posted and not removed before we got there, we also went ahead and cleaned that up.

It is very likely that you were using the same password on WordPress.com that you used elsewhere. Recently, a few large services -- LinkedIn, Yahoo, eHarmony, and Last.fm to name a few -- have suffered well-publicized security breaches that have exposed email addresses and passwords. Although the passwords are usually stored securely, simple passwords can be decrypted or "cracked" in a matter of hours using modern technology.

Hackers gather the lists of email addresses and passwords from these services and then try to use them to access accounts on other popular services, like WordPress.com. If you used the same password multiple places, then your account can be compromised. That is what happened here. We do have measures in place to protect password guessing or "brute force" attacks but in this case, since the password is known beforehand, there is no need for a hacker to guess.

You should have a strong, unique password for every account you have on the internet. We have some more information on selecting a strong password in our Support section, please read through it:

http://en.support.wordpress.com/selecting-a-strong-password/

If you have any additional questions about the security of your account, please contact us using the form on this page:

http://automattic.com/security/

We take security seriously, and are happy to answer any questions you have.

]]> designsimply on "Illegal posting on my blog" http://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951791 Sat, 21 Jul 2012 16:52:33 +0000 designsimply 951791@http://en.forums.wordpress.com/ Thank you for posting about this. We're looking into it now to check everything out and make sure things are secure.

]]> timethief on "Illegal posting on my blog" http://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951769 Sat, 21 Jul 2012 16:28:11 +0000 timethief 951769@http://en.forums.wordpress.com/ Great! There are security tips here > http://en.support.wordpress.com/security/

]]> catharine2 on "Illegal posting on my blog" http://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951768 Sat, 21 Jul 2012 16:27:01 +0000 catharine2 951768@http://en.forums.wordpress.com/ Aha, now I found how to disable post by email and post by voice as well to be really safe.

]]> timethief on "Illegal posting on my blog" http://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951746 Sat, 21 Jul 2012 15:58:07 +0000 timethief 951746@http://en.forums.wordpress.com/

post by email ... but now I have enabled

Disable it.

]]> catharine2 on "Illegal posting on my blog" http://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951712 Sat, 21 Jul 2012 15:32:00 +0000 catharine2 951712@http://en.forums.wordpress.com/ I don't think I have had post by email activated but now I have enabled and deleted it and changed all passwords. Thanks for all the help.

]]> auxclass on "Illegal posting on my blog" http://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951581 Sat, 21 Jul 2012 13:30:46 +0000 auxclass 951581@http://en.forums.wordpress.com/ A few more suggestions:

The only “hacked” sites I have seen here have been people getting the password somehow to a site so you do want to be careful how you log in and use a tough password.

You should also check to make sure that someone has not added a new user to your site. Problems have also happened when there was more than one Admin. and an Admin left on less than graceful terms.

Dashboard >> Users

There have also been a few Posts on “hacked” sites and it was because someone got the Post by Email address and using the Post by Email to send in new Posts, if you have Post by email disable the Post by Email and regenerate the address. Spammers have scripts the generate email addresses and they sometimes can get a valid address for a Post by Email address.

]]> nandobase on "Illegal posting on my blog" http://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951528 Sat, 21 Jul 2012 11:35:52 +0000 nandobase 951528@http://en.forums.wordpress.com/ It's a spam. You need to deactivate post by email to prevent it from happening again.

]]> ardpete on "Illegal posting on my blog" http://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951506 Sat, 21 Jul 2012 10:47:47 +0000 ardpete 951506@http://en.forums.wordpress.com/ If you undelete the post and set it to private, so only you can see it, staff will be able to have a look at it when they read this thread which I have marked for their attention.

To be on the safe side I would advise changing your password for both your blog and your e-mail address.

]]> catharine2 on "Illegal posting on my blog" http://en.forums.wordpress.com/topic/illegal-posting-on-my-blog#post-951504 Sat, 21 Jul 2012 10:44:09 +0000 catharine2 951504@http://en.forums.wordpress.com/ somebody else has posted on my blog under my name, I have deleted that posting which was about making money on the internet
Blog url: http://catharine2.wordpress.com/

]]>