I run WP 3.8.1.
Today i had two warnings (from a plugin) that several attemps have been made to login and the IPs were banned for a while.
BUT the attempts have been made using two account named (for admin and one for editor).
The Question is HOW the hacker (from Russian IP) knows my two usernamed. They are not posted anywhere.
Any ideas ?