Skip to main content

Root-Level Attack Exposes WordPress's Premium Customers

A recent root-level hack hack may have harmed the company's premium customers, exposing their account passwords and other sensitive information. boasts many major brands on its premium customer list, including NASA, Yahoo, Flickr and the New York Times among many others.

WordPress confirmed on Wednesday that a hacker had broken into its servers on Tuesday and may have copied sensitive sections of the company’s underlying code.

“Automattic had a low-level (root) break-in to several of our servers, and potentially anything on those servers could have been revealed,” WordPress founder Matt Mullenweg wrote in a blog post ( (opens in new tab)).

"We have been diligently reviewing logs and records about the break-in to determine the extent of the information exposed, and re-securing avenues used to gain access. We presume our source code was exposed and copied," he added.

Mullenweg assured concerned parties that even if there was breach, the disclosure to sensitive information was fairly limited.

He also said that an investigation into the recent security breach is currently underway, and all necessary steps will be taken by the company to prevent such security breaches from occurring in the future.