Managed WordPress hosting provider
WP Engine has suffered a major data breach. WP Engine, which has headquarters in Austin, Texas, United States, specializes in offering “zero compromise” WordPress solutions both to individual users and enterprise customers. The company’s servers are optimized for the WordPress platform, meaning its customers experience faster page loading times and greater reliability. The breach attacked user credentials leading to WP Engine urging customers to change their passwords immediately.
Nobody has claimed responsibility for the breach, which took place of December 9, 2015. WP Engine has released a statement suggesting the authorities are investigating the incident. “Please allow me to express my deepest apologies for the frustration caused by the exposure involving customer credentials. I recognize the concern this news causes,” suggested CEO Heather J Brunner on the company’s site. “When we became aware of the exposure, we committed all company resources, globally, to take action. In addition to our own investigation, we have also engaged with third party security experts and federal law enforcement.”
News of the breach comes in the wake of revelations about possible vulnerabilities in the WordPress platform. WordPress is an OpenSource (OS) Content Management Solution (CMS) which underpins more than 60 million websites and, according to WikiPedia, “23.3% of the top 10 million websites as of January 2015”. Security-as-a-Service (SaaS) provider Zscaler recently released details of a spyware attack that was targeting WordPress websites.
Have you been impacted by WP Engine’s breach? Let us know the details. Add your comments below.
