Admin User Deleted – Possible Hack

  • scarlet522

    (@scarlet522)


    8 years, 11 months ago

    Early yesterday morning (Mar 1, 2017), my website was working just fine. Went I went to visit it around 8:30, the entire site was screwed up, and I was logged out of my admin user account. When I went to log in, it kept telling me incorrect password. This is not possible because I have my password saved, so it automatically fills in when I put my username in.

    Thankfully, I had another admin account I never use, so I was able to gain access to my admin via that username. It seems my website was hacked, and they DELETED my main admin username, taking 80% of the website with it (all media files I’d uploaded, all news posts, all pages tied to my username, etc). I am beyond devastated because my idiot self did not have a back-up in place, so I will be spending months rebuilding the website. Thank goodness my products (I have more than 1600!!!) are there, though thumbnails are gone.

    So, my question for support purposes is where do we report stuff like this to wordpress? Is there a place we need to report security issues? I am sure they collect information like this somewhere so they can investigate and fix any security issues with future updates to WordPress. I just couldn’t find where to report/post it.

    I have a dedicated server with several wordpress websites. My hosting company scanned my server and found no malware. Only one website (the largest – and my money maker) was affected. All other wordpress websites on my server are fine, with admin users still there.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    8 years, 11 months ago

    Remain calm and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

    If you think something criminal is involved, then you should report this to your local police and/or the FBI.

    Thread Starter scarlet522

    (@scarlet522)

    8 years, 11 months ago

    It’s hard to remain calm when I am going to spend months rebuilding my site. Yes, i have seen that page for FAQ on the site being hacked and will look over it. I just wanted to find out if there was some way to report issues to wordpress since new releases fix security issues. I saw a few other people had this same issue in the support forums.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    8 years, 11 months ago

    If you know the vector of the attack and can relate it to a specific unpatched vulnerability, then you’d report it to security (at) wordpress (dot) org, but most hacks come through other methods — bad passwords, incorrectly secured sites, etc.

    “Remain calm” is sort of “take a deep breath”.. Yeah, I think I’ll change my boiler plate. Telling someone to “stay calm” is rarely productive. 🙁

    What version of WP are you on?

    Thread Starter scarlet522

    (@scarlet522)

    8 years, 11 months ago

    I’m using the latest: 4.7.2

    Unfortunately, I don’t even know what you’re talking about regarding vectors. 🙁 My hosting company found no malware on my dedicated server.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Admin User Deleted – Possible Hack’ is closed to new replies.

Tags