Title: roxyghost's Replies | WordPress.org

---

# roxyghost

  [  ](https://wordpress.org/support/users/roxyghost/)

 *   [Profile](https://wordpress.org/support/users/roxyghost/)
 *   [Topics Started](https://wordpress.org/support/users/roxyghost/topics/)
 *   [Replies Created](https://wordpress.org/support/users/roxyghost/replies/)
 *   [Reviews Written](https://wordpress.org/support/users/roxyghost/reviews/)
 *   [Topics Replied To](https://wordpress.org/support/users/roxyghost/replied-to/)
 *   [Engagements](https://wordpress.org/support/users/roxyghost/engagements/)
 *   [Favorites](https://wordpress.org/support/users/roxyghost/favorites/)

 Search replies:

## Forum Replies Created

Viewing 2 replies - 1 through 2 (of 2 total)

 *   Forum: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
   
   In reply to: [HACKED twice in one week ver 2.7](https://wordpress.org/support/topic/hacked-twice-in-one-week-ver-27/)
 *  [roxyghost](https://wordpress.org/support/users/roxyghost/)
 * (@roxyghost)
 * [17 years, 1 month ago](https://wordpress.org/support/topic/hacked-twice-in-one-week-ver-27/#post-968279)
 * I’m hosted on Heart Internet and got hacked just over a week ago (2.7). They 
   used the forgot password functionality somehow to change the password and then
   used the theme editor to upload their files. Think it was just a defacement but
   since I was away last week I have yet to go through everything and restore it
   to normality.
 * The odd thing was, I checked my stats and they found my blog by searching MSN
   search for the IP of the heart server and the word “wordpress”.
 * Would appreciate some thoughts on this!
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Site Hacked by using “Lost Password”](https://wordpress.org/support/topic/site-hacked-by-using-lost-password/)
 *  [roxyghost](https://wordpress.org/support/users/roxyghost/)
 * (@roxyghost)
 * [17 years, 1 month ago](https://wordpress.org/support/topic/site-hacked-by-using-lost-password/#post-959598)
 * I too would like answers about this, I’ve got a developer looking through the
   logs but this really does look like something which needs some work.
 * What add ons did you have installed? From what we can see the hackers got in 
   via the forgot password – don’t know exactly how – and then used the theme manager
   to upload the new files.
 * Would like some answers!

Viewing 2 replies - 1 through 2 (of 2 total)