It's not a security breach. In fact, this could be a Good Thing(tm).
If you check Admin/Settings/General, under Membership you should see that the box entitled "Anyone can register" is ticked and that the "New User Default Role" is set to "Subscriber". These are the standard settings for any WP blog/site.
Users with the role of Subscriber can't actually "do" anything on the
site but some sites will sometimes offer special, subscriber-only,
content. So someone liked your site so much that he wanted to make sure that, if there were any "specials", he'd be able to access them. That's why this is a Good Thing.
Don't feel obliged to now offer subscriber-only specials. Many blogs
don't bother and people still subscribe as a way of indicating that
they're a fan of the blog and will probably be reading it regularly.
Build up a reasonable list of subscribers and you might want to look at emailing them when you've added a particularly good new post (there are plugins for this) or giving them a sneak preview of something that won't be on public display for a few weeks.
All in all, a good sign. Hopefully you'll start getting a lot more of