By Ed Oswald | Wednesday, April 13, 2011 at 2:33 pm
It’s been a rough go for WordPress. Its been the target of several attacks lately, including a denial-of-service attack last month that severely crippled its servers for several hours. This time, its potentially more embarrassing for the blogging service, as it apparently has been hacked.
Whoever did it pretty much has full access: founder Matt Mullenweg said in a post to the company blog that the hacker has “root” access. In plain English? The WordPress server is this hacker’s oyster, and he or she is free to do whatever they want because they have administrative privileges.
Mullenweg says the company isn’t clear on what exactly may have been revealed and is going over its logs. He guessed they took a look at the source code, parts of which he called “sensitive.” The company is busy securing the server to prevent a repeat, and wouldn’t share much more.
Until we know exactly what happened, its hard to judge the potential effects. If you have an account on the service, and especially a “VIP” account, it may just be a good idea to change your password.