[wp-hackers] Website was hacked

webmaster at qcustodial.com webmaster at qcustodial.com
Sun Jun 16 21:00:13 UTC 2013

> I went to login to my WordPress site today but it was not accepting my
> username/password. It kept saying invalid username which I knew was valid.
> I accessed cpanel then phpmyadmin to find the username, password, and
> email had been changed. I used the generator on your site to provide a new
> password hash then using phpmyadmin I change the username and email back
> and set a new password. The password has been changed along with my cpanel
> and mysql passwords. It does not appear any changes were made other than
> this.
> The wired thing is the username was changed, which cannot be done in
> WordPress you have to do it in the database itself. Leading me to believe
> it was the web host that was hacked not my WordPress install. What are you
> thoughts? What else should I do?
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers

I should also mention that I also changed the keys in wp-config as well
and have notified my host to see if they can tell if the server was hacked
or not.

More information about the wp-hackers mailing list