Photo by Just Jefa

FYI, if you re-use passwords it might be a good time to a) change passwords on your most critical accounts (bank, Google, Facebook, business websites, you-know-better-than-I-do…) Because thanks to a recent release of 1.4 BILLION username/password pairs hackers are having a field day!

Breaking: Aggressive WordPress Brute Force Attack Campaign Started Today, 3am UTC

From the original post, which tracks automated attacks on Wordpress sites, but where there’s smoke…

A possible explanation for this new massive increase in brute force attacks

On December 5th, a massive database of hacked credentials emerged. It contains over 1.4 billion username/password pairs. Approximately 14% of the database contains credentials that have not been seen before. The database is also searchable and easy to use.

Historically, brute force attacks targeting WordPress have not been very successful. This new database provides fresh credentials that, when matched with a WordPress username, may provide a higher success rate for attackers targeting sites that do not have any protection.

— Source: Wordfence Blog