There are almost 30- 40% hacked websites that are created by WordPress due to the carelessness of plugin, theme and core updation.
Top Reasons Which result in Hacked WordPress Website
- Unsecured web hosting
- Weak passwords
- Unprotected Access to WordPress Admin (wp-admin Directory)
- Incorrect file permissions
- Did not update WordPress
- Unpatched Plugins or themes
- Using FTP rather than SFTP/SSH
- Using Admin because the WordPress usernames
- Obsolete themes and plugins
- No securing of WordPress configuration within the wp-config.php file
- Do not change the WordPress table prefix
The Biggest Breaches in 2020
Due to the COVID-19 pandemic many companies had moved their business to remote operation. There has been a great increase in the number of online Businesses. The seven major data breaches happened in 2021 are:
- Nintendo Data Breach
- Twitter Spear Phishing Attack
- Easy Jet Data Breach
- CAM4 Data Breach
- Marriott Data Breach
- Zoom Credentials Hack
- Antheus Tecnologia Biometric Data Breach
WordPress versions statistics
- 74 different versions of WordPress identified.
- 11 of those versions are invalid. for instance version 6.6.6.
- 18 websites had an invalid non-existing versions of WordPress.
- 769 websites (1.82%) are still running a subversion of WordPress 2.0.
- Only 7,814 websites (18.55%) upgraded to WordPress 3.6.1.