If you have a WP site and you don't have something watching out for brute force attempts to get access to it, it's time to do so... before it's not your site any more.
The 'Limit Login Attempts' plugin is a start, but the real solution is something like fail2ban on the server, looking for all sorts of attacks.
This entry was originally posted at http://lovingboth.dreamwidth.org/548766.html, because despite having a permanent account, I have had enough of LJ's current owners trying to be evil. Please comment there using OpenID - have and if you have an LJ account, you can use it for your OpenID account. Or just join Dreamwidth! It only took a couple of minutes to copy all my entries here to there.