Frederick Leatherman’s Blog was Hijacked
I was alerted that Frederick Leatherman reported that his house was broken into, and someone obtained the access code to their router and accessed his and Crane-Station’s computers. Whomever it was changed the password to his blog and he could no longer log in.
I do not use the word “hack” because that sounds as if someone actually hacked into the server side to get into his computer. That’s difficult to do with Word Press blogs because the hacker would have to actually hack into Word Press servers then find the blog that they want to access.
What I actually think happened is that after breaking into Fred’s house, the perpetrator accessed Fred’s computer. If he was already signed into Word Press, the person was able to change the password on his blog. The most concerning thing however, is that if the person gained access to the administrative side of Leatherman’s blog, that person might have obtained the email addresses of those who submitted comments and might attempt to sign into and change the passwords on Word Press accounts.
What I can’t figure out is why the same perp, if really wanting to hurt Fred, did not change his posts or delete the blog.
I don’t want to cause alarm but out of concern, suggest that if you recently submitted a comment to Leatherman’s blog – IMMEDIATELY change the password on your Word Press account.
If you submitted a comment to Leatherman’s blog without using a Word Press account, I suggest that you change the password on your email.
Knowing What Blog Administrators See
When you submit a comment to a Word Press blog, Word Press records your handle, your email address and your IP address. IP addresses serve no purpose other than to use in the event of having to ban or moderate someone. When traced, they show the general location for where you are posting from, and the name of your internet service provider, but they do not reveal your personal identity nor your residential address.
Comments on the Administrative side of Word Press blogs appear in the most recent order with about 20 comments per page. That means that if you submitted a comment to Leatherman’s blog in the past week, it will probably appear in the first several pages.
If you follow a blog, the Administrator only sees your gravatar and handle. If you have a Word Press blog when you signed-up to follow, the URL for the blog will appear. Your email address does not appear.
If You Have A Blog, Please Be Aware Of Impersonators
Cyber harassers have demonstrated impersonating others by using their handle or a semblance, and a fake email address that bears semblance to the handle. What they cannot do is duplicate an IP address. The worst that can happen is that a blog administrator bans impersonators by IP address, which will not be your real IP address but the one used by the impersonator. However, we never want people to think that we are submitting vile comments when it is not us.
For those with blogs, since the harassers cannot duplicate our real IP addresses (those are generated by Word Press), I ask that when comments from those previously approved go to moderation instead, that you take a look at the email address and IP address and compare it to previously submitted comments before flipping out thinking that a friend has suddenly become an enemy.
If You Are Unable to Sign Into Your Word Press Account
If you have problems signing into your Word Press account, use the following link to recover your account.
To Stay Or Not Stay Signed-In
I’ve heard pros and cons. Not being a computer geek, I cannot give a knowledgeable opinion. I’ve been told that by staying signed-in, that a person from another computer, even having your email address, will not be able to sign-into your account because Word Press and/or gravatar knows you are already signed-in.
Maybe some of you know more and will share it in comments.
Let’s wish Frederick and Crane-Station the best and that they stay safe.