WordPress security scare revealed to be false alarm
Fears that popular content management and blogging platform WordPress might have suffered a fundamental breakdown in security have been allayed following the revelation that a recent hacking scare was attributable to user carelessness rather than to a fault in the security management of the platform itself.
The scare arose following a recent infiltration in many individual WordPress account holders’ sites of an advertisement for an internet-based money-making scheme. It is understood that the number of account holders affected by the appearance of the ad on their site ran into thousands.
The infiltration is reported to have been all the more alarming given that many account holders did not start to realise what had occurred until they had received a notice from WordPress itself advising them that their passwords had been changed.
However, according to Automatic – the company behind WordPress – the cause of the infiltration was definitely not shown to be down to any breaches of WordPress’s own security walls, but was most likely traceable to poor password security on the part of account handlers themselves.
More specifically – in the words of Automatic’s Barry Abrahamson – the fault was most likely attributable to:
“…people sharing the same password across multiple services.”
Most security experts advise to always use a different online password for different platforms and applications since this minimises the damage caused should a password be stolen.
The confirmation of the integrity of WordPress security will be seen as a relief all round since the automatic provision of high security is one of the featured attractions of the platform.