WordPress hack sees millions of websites affected
February 14, 2017
According to a report from IT Governance, over 1-1/2 million WordPress websites have been attacked and defaced by criminal hackers. There is a vulnerability affecting WordPress 4.7 and 4.7.1. Most WordPress automatically update, and should be at version 4.7.2; however tens of thousands did not, leaving them open to attack.
WordPress is urging site owners to install the latest update. The attack has been traced to a flaw in an add-on that was introduced in versions of WordPress released at the end of last year. The security firm Sucuri told WordPress about the vulnerability on Jan. 20th, and updates were subsequently installed on most WordPress sites.
Dynamic Graphics takes care of maintaining updates for our clients, including the WordPress core and plug ins (add-ons) as they are released. However, there are no guarantees, ever, from the possibility of a hacker accessing any kind of website, including one developed with html or other types of code. We recommend, for more protection, to add an SSL certificate to your website for an extra layer of security.
SSL stands for Secure Sockets Layer. It is a protocol which creates a secure connection between a client and the server over which to send information. SSL works by using a cryptographic system that uses two keys to encrypt data.
If you are interested in having us add an SSL certificate to your wordpress website, contact us.