THE SERVICE SET UP BY WordPress to better support WordPress has failed users by suffering a security breach and behaving just like the rest of the internet.
WordPress, and its themes, are often shone with the dark light of the security vulnerability, but we do not hear of WP Engine often. Regardless of that, it seems to do good business and is reaching out to those that it does business with to tell them what went wrong and what they need to do about it.
A reasonable amount of threat mitigation is required, and if you are affected by the issue you are going to have to change your password, again, and probably keep a cautious eye on the comings and goings of your email and financial accounts.
"At WP Engine we are committed to providing robust security. We are writing today to let you know that we learned of an exposure involving some of our customers' credentials. Out of an abundance of caution, we are proactively taking security measures across our entire customer base," said the firm in an urgent missive on its web pages.
"We have begun an investigation, but there is immediate action we are taking. Additionally, there is action that requires your immediate attention."
This action is probably to panic in the short term, and then to change your password and cancel any instances of its reuse across the internet. You know the drill. This is a daily thing, right? Judging by the WordPress statement we are in the early days of internal investigation.
"While we have no evidence that the information was used inappropriately, as a precaution we are invalidating the following five passwords associated with your WP Engine account," explained WordPress as it revealed the sale of its - actually, your - problem. "This means you will need to reset each of them."
Have fun with that. µ
Firm has slashed emissions by almost 40 per cent against 2005 baseline
These 'roos are small. These 'roos are far aw... no wait, they're small as well
Firm says decision means no other firm will have to relive its 'nightmare scenario'
Firm claims cloud-based threat detection will 'stop attacks as they happen'