WordPress hosting biz confesses to breach, urgently contacts 30,000 users

WordPress hosting outfit WP Engine has confessed to a security breach, prompting it to reset 30,000 customers' passwords.

"At WP Engine we are committed to providing robust security. We are writing today to let you know that we learned of an exposure involving some of our customers’ credentials," it said in a statement yesterday.

"Out of an abundance of caution, we are proactively taking security measures across our entire customer base," it added.

It said there was no evidence that the information was used inappropriately, but as a precaution it was invalidating passwords associated with the WP Engine account.

Apparently the company's "best-in-class" technology is used across 120 countries.

WP Engine said its investigation was "ongoing" and that it would update customers as soon as its security team learns more.

Security firm Trend Micro has also warned that The Independent newspaper's WordPress-based blog section has been compromised. ®