Uber blogger Robert Scoble said today that hackers broke into his blog and deleted about two months’ worth of postings — leading to findings that there are security problems with the blogging software he uses, WordPress.
WordPress, a very successful blogging software that VentureBeat also uses, can be used on any server, but it is more vulnerable when used on servers not owned by WordPress itself. Scoble had moved away from WordPress’ servers (which is a version called WordPress.com) to use the WordPress software (WordPress.org) on RackSpace servers — which is when he experienced the problem.
The incident highlights the ongoing challenges of security on Web sites.
The Scobelizer blog is ranked at No. 220 among the Top 500 blogs on Technorati. It isn’t clear entirely how the hackers broke into the password-protected blog, but Scoble noted in his posting that it first happened a few weeks ago when he was still using version 2.7xx of WordPress, which has known vulnerabilities. Scoble upgraded to the newest 2.8.4 version, but the hackers came back.
It’s a scary thought and a hard lesson. If hackers get your account passwords, they could change the password, lock you out, and start posting embarrassing things on your blog. In Scoble’s case, they did more damage. That’s one reason he has restarted a new blog on a different platform.
Here’s more of what Scoble had to say:
They broke back in, but this time they did a lot more damage. They deleted about two months of my blog. Yes, I didn’t have a backup. I should learn to do backups (we’re doing them now). Life has a way of beating you if you don’t have backups.
Anyway, this time they also put some malicious code on my archive pages. Google sent me an email saying they had removed my blog from its index. That got a whole team to look into how they broke in. Now thanks to TechCrunch and Mashable you know there was a vulnerability in WordPress which let them break in.
We’ve done some other things now to make it harder for them to break in (for instance, my admin account has been deleted and a new one doesn’t use the name “admin”), but the damage is done and I feel the same way when our childhood home was broken into. I don’t feel safe here.