Η WPEngine μια από τις μεγαλύτερες εταιρείες hosting της πλατφόρμας WordPress ανακάλυψε μια leakage διαπιστευτηρίων των πελατών της. Η εταιρεία αποφεύγει πολύ προσεκτικά να αναφέρει την λέξη hacking στην ανακοίνωση που εξέδωσε, αλλά παρόλα αυτά αναφέρει ξεκάθαρα την data leakage.
Let's see what the announcement says:
At WPEngine we are committed to providing strong security. We are writing today to let you know that we have a report that includes some of our customer credentials. We look, we are active, taking security measures across our customer base.
We have already started an investigation, but we need to take immediate action. In addition, there is not something that requires your immediate attention.
While we have no proof that the information that they leaked were used inappropriately, as a precautionary measure we are canceling the following five codes accesss related to your WP Engine account. This means you will need to reset each of them. Instructions on how to reset these codes are at the bottom of this email.
In the WPengine portal
In the WordPress database
In SFTP
In the original WP-Admin Account
In all Password Protected Installs
As a best practice, we also recommend that you use this password elsewhere with other applications to change it immediately.
We apologize for any inconvenience this may cause. We take this report as an opportunity to revise and strengthen our security and remain committed to strong internal security practices and procedures.
We take the safety of our customers very seriously. You can have more information about the event from σελίδα http://wpengine.com/infosec