I recently had my Wordpress site hacked (on another host). Since rebuilding it and moving to dreamhost I have also installed sucuri plug in which monitors log in attempts - failed and succesful.
I also removed the admin account and created a new account with admin privileges and using a username which was fictitious and not easily guessable.
For some weeks that seemed to work though I was gettign about 15-20 failed attempts to log in using Admin as a username.
Worryingly, in the last few days I am getting failed log in attempts using the username I created for the admin account.
How did the bot get hold of my username? It seemed like a pointless exercise in removing the admin username if there is a simple way for a spammer to find out alternative usernames…I have not used that name in any posts or comments and searching the site for that name gives no results.
I suppose the bigger question is - should I be worried?