How many times has WordPress been hacked?


Hello, this is TheresaJewel and I just deleted a second “blog post” that was pure spam. It was supposedly written to ask you for donations by Dr. Nguyen Duc Kien, the Chairman of the Hanoi FC Vietnam. According to Wikipedia, Dr. Kien does exist, but why is he asking for funding when he has a “personal fortune estimated at over $90 million US dollars“?

I looked through a few of the proposed links and found this junk posted on the blog(s) of another person or two in addition to both of mine.

How do people keep hacking WordPress? What is it about WordPress that allows such easy access? I’m 99.9% sure no person figured out my new password, because I changed it to something I need to look up every time I sign in.

I decided to create a poll. This is for anyone with a blog, but I definitely want to hear from all WordPress users.

After you vote, I would love to hear from anyone who can tell me how to stop this. If I can’t stop it, I may go back to Blogger or my Weebly.com site.

Thank you for your advice.

Sorry about that last post – now deleted


I originally checked in to explain my eight-day absence, but when I saw what had occurred on my blog, I became upset.

I’m angry and frustrated someone or something else (botnet?) wrote a post on my account without my permission. I am very sorry for the post on June 2, 2013 which is now deleted. It was not written or copied by me, nor would I willingly allow something like that on my blog.

From the “related articles” (Zemanta), I found I’m not alone. “Botnets” attacked thousands of WordPress blogs and apparently broke into hundreds of them. Perhaps the guides below will help others who had the same problem.

I suggest we install a security step which seems extremely simple to me. Why not build in a challenge question? You know the ones you have to answer before getting your password reset and/or sent to you in an email. We could choose a  question that no one else is likely to guess and be required to answer it before publishing a post. On the other hand, why isn’t there already a “Prove you are a human” challenge on WordPress? They are on almost every other website I ever visit.