iTnews

Wordpress resets logins after Gmail credentials leak

By Juha Saarinen on Sep 14, 2014 6:04AM
Wordpress resets logins after Gmail credentials leak

600,000 Wordpress accounts found in dump.

Auttomatic, the company behind the popular blogging and web publishing platform Wordpress, has reset over 100,000 customer accounts following last week's dump of almost five million stolen Gmail login credentials online.

Security officer Daryl L L Houston said Auttomatic had downloaded the list of leaked credentials that was posted on a Russian web forum and compared it to Wordpress users' passwords to see if there were any matches.

Users whose password matched leaked credentials have had their Wordpress.com account details reset, and have been sent email containing instructions on how to get a new one.

Houston said Auttomatic took the preemptive step over the weekend Australian time to protect Wordpress.com users.

Around 600,000 other Wordpress.com users' email addresses are also on the list, Houston said. However, since these were not immediately vulnerable, their passwords weren't reset.

Instead, these users will receive a notification in the Wordpress dashboard asking them to check the security of their passwords. Houston also encouraged Wordpress users to enable two-factor authentication.

Google has also responded to the leak, and protected the active accounts it could find in the data dump, as well as reseting their passwords.

It found that fewer than two percent of username and password combinations in the list would have worked and enabled attackers to log in to Gmail accounts, and added that its automated anti-hijacking provisions would have blocked many of the attempts.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
auttomatic gmail hack leak passwords security wordpress

Partner Content

What is zero trust cybersecurity?
Partner Content What is zero trust cybersecurity?
What conversations should executives be having about cyber security?
Partner Content What conversations should executives be having about cyber security?
Putting cyber security basics in place
Partner Content Putting cyber security basics in place
Shut the door on ransomware
Promoted Content Shut the door on ransomware

Sponsored Whitepapers

The top 5 tech trends to deliver business outcomes
The top 5 tech trends to deliver business outcomes
10 reasons why businesses need to invest in cloud security training
10 reasons why businesses need to invest in cloud security training
Your guide to application security solutions
Your guide to application security solutions
State of Software Security: Open Source Edition
State of Software Security: Open Source Edition
Five questions to ask before you upgrade to a SIEM solution
Five questions to ask before you upgrade to a SIEM solution

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
  • [iTnews and Micro Focus] Navigating the cloud modernisation minefield
By Juha Saarinen
Sep 14 2014
6:04AM
0 Comments

Related Articles

  • Judge narrows Tesla lawsuit against former employee
  • SolarWinds, Microsoft, FireEye, CrowdStrike executives face US Senate grilling
  • SolarWinds hack was 'largest and most sophisticated attack' ever: Microsoft
  • Biden enlists 'world class' cyber security team
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

TPG Telecom to start enticing NBN customers to move

TPG Telecom to start enticing NBN customers to move

Infosys scores another $40m for Centrelink payments engine build

Infosys scores another $40m for Centrelink payments engine build

Telstra InfraCo opens up telco's own fibre network

Telstra InfraCo opens up telco's own fibre network

Transport for NSW data stolen in Accellion breach

Transport for NSW data stolen in Accellion breach

You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.