If it can happen to Reuters, it can happen to anyone
Now, while that’s news in and of itself, the big takeaway that’s relevant to me and PanicPress is that if Reuters can have one of their blogs broken into, anyone can.
Obviously, they use secure passwords at Reuters, and have backups, and keep their blogging software up-to-date – the works. Well, okay maybe not “obviously”, but it’s a solid guess. They probably take as many precautions as the can, and they still managed to be hacked and have false stories posted.
Would PanicPress have made a difference? Very possibly! One of the most important concepts in security is the concept of layers – that is having a whole bunch of security systems in place, all working in tandem. PanicPress provides yet another layer of security that WordPress doesn’t otherwise offer, and even if a hacker managed to guess or steal a legitimate reporter’s password, it’s highly unlikely they’d be using it from a known IP. PanicPress would have detected that and alerted the administrator, who could have shut down the admin section before the hacker had a chance to post those fabricated stories.
I’m really looking forward to launching for real – the “todo” list is getting much, much shorter by the day, while the need for PanicPress grows.