WP Engine Suffers Security Breach

WP Engine has suf­fered a major secu­ri­ty breach it forc­ing to reset over 30,000 cus­tomers’ pass­words. On Tues­day, the Word­Press host­ing out­fit con­fessed to the hack attack. It post­ed rec­om­men­da­tions on reset­ting pass­words with updat­ed step-by-step links on how to do it.

WP Engine is a Host­ed ser­vice provider, which man­ages Word­Press host­ing for mis­sion crit­i­cal sites around the world. Set up by Word­Press to bet­ter sup­port the giant web pub­lish­ing plat­form, it had stayed clear of any secu­ri­ty vul­ner­a­bil­i­ties — unlike Word­Press and its themes- up till now.

In an urgent secu­ri­ty noti­fi­ca­tion on its site, WP Engine announced the secu­ri­ty breach. They said, “At WP Engine we are com­mit­ted to pro­vid­ing robust secu­ri­ty. We are writ­ing today to let you know that we learned of an expo­sure involv­ing some of our cus­tomers’ cre­den­tials. Out of an abun­dance of cau­tion, we are proac­tive­ly tak­ing secu­ri­ty mea­sures across our entire cus­tomer base.”

“We have begun an inves­ti­ga­tion, how­ev­er there is imme­di­ate action we are tak­ing. Addi­tion­al­ly, there is action that requires your imme­di­ate atten­tion” said the WP Engine Team, refer­ring to the reset­ting of pass­words. “While we have no evi­dence that the infor­ma­tion was used inap­pro­pri­ate­ly, as a pre­cau­tion, we are inval­i­dat­ing the fol­low­ing five pass­words asso­ci­at­ed with your WP Engine account. This means you will need to reset each of them.”

The firm imme­di­ate­ly reached out to its clients inform­ing them of the attack and on how to guard their accounts. Users with an account at WP Engine should change their pass­word and keep a watch­ful eye over email com­ings and goings, as well as, their finan­cial trans­ac­tions.

WP Engine apol­o­gized for the attack, “We apol­o­gize for any incon­ve­nience this event may have caused. We are tak­ing this expo­sure as an oppor­tu­ni­ty to review and enhance our secu­ri­ty, and remain com­mit­ted to strong inter­nal secu­ri­ty prac­tices and process­es.”