I recently got hit by a hacker on my site. The hacker (originating from Denmark) didn’t get into my server, but according to all the security logs he did know all my users.
It was a brute-force attempt so he was constantly spamming with different passwords, which is quite normal. But how can he know all my registered users “username”?
The only administrator on my wordpress is me, and the only person that can see other users on my system is me.
Some of the users can be collected due to their comments and so on, but even people that never ever write anything had been targeted by this hacker!?
Anyone got an idea, because this question is eating me up. The wordpress installation and database are intact (as far as I can tell). And there are no “strange users” on the system. I can’t see anything that would suggest the hacker could get his/her hands on the users of the wordpress installation.
- The topic ‘Hacker knows my users?’ is closed to new replies.