Monday morning, FYIVT published an article examining Vermont’s latest “Tax the Rich-ish” campaign and the economic data behind it.

What happened next was unexpected. (sort of)

By the end of the day, FYIVT had experienced the largest coordinated login attack recorded in the site’s history.

According to server logs and security records, approximately 140 unique IP addresses attempted to access FYIVT’s WordPress login system. Before attempting passwords, the attackers performed reconnaissance, probing author records and looking for valid usernames. Once they found what they were looking for, the login attempts began.

In total, 151 login attempts were recorded and 73 networks were automatically locked out.

The result?

Nobody got in.

Not one of the attack attempts succeeded. The only successful login recorded that day came from my own Vermont IP address.

Now let’s be clear about something.

The timing is interesting.

The attack occurred the same day FYIVT published a politically charged article. The activity was also highly unusual by historical standards. June 15 generated roughly 250 percent more attack activity than the previous record day. Other WordPress sites sharing the same hosting account did not experience anything remotely comparable. One Vermont Republican candidate’s campaign website on the same account received only three login attempts during the same period.

Those are facts.

What the logs cannot tell us is who initiated the attack or why.

Maybe somebody read the article and decided to point a password-guessing tool at the site. Maybe increased attention put FYIVT into channels monitored by automated scanners. Both explanations fit the evidence. The logs prove the timing. They do not prove motive.

What they do prove is that somebody wanted in.

🍁 Make a One-Time Contribution — Stand Up for Accountability in Vermont 🍁

How These Attacks Actually Work

Most people imagine hackers as movie villains pounding away on keyboards.

Reality is usually much dumber.

Modern login attacks are largely automated. Software scans websites looking for login pages, gathers usernames, and then attempts common password combinations. The process is cheap, fast, and requires very little skill.

One detail from Monday’s attack illustrates that perfectly.

The attackers also attempted to access WordPress login pages on systems that do not even run WordPress. In other words, they weren’t carefully studying FYIVT. They were feeding targets into software and letting it spray requests across our servers.

That doesn’t make the attacks harmless. It just means they’re often carried out by tools rather than masterminds.

The Lesson: Use Better Passwords

The good news is that attacks like this are often defeated by simple habits.

Use a unique password.

Use a long password.

Use multi-factor authentication whenever possible.

And no, before anyone asks, my password is not “12345.” Nice try. (🖕)

The reality is that most successful website break-ins don’t happen because attackers are brilliant. They happen because someone reused an old password, chose something predictable, or failed to update basic security settings.

A strong password is still one of the cheapest and most effective defenses available.

Why This Matters for Independent Journalism

There is a larger lesson here.

Many readers assume cybersecurity is something only large corporations and national media organizations need to worry about.

That’s no longer true.

Independent publishers face the same internet as everyone else. If you publish information, maintain a website, and participate in public debate, your systems will eventually be scanned, probed, tested, and attacked.

Every hour spent reviewing logs is an hour not spent covering legislation, taxes, state government, and the issues that affect Vermonters.

The encouraging part is that FYIVT’s defenses held.

The attackers failed.

The site stayed online.

The reporting remained available.

But security isn’t free. Servers aren’t free. Development isn’t free. The next generation of FYIVT is being designed to be faster, more resilient, and significantly harder to attack, but building that future requires resources.

If you value independent journalism that follows the data wherever it leads—even when some people may not like the results—please consider supporting FYIVT.

The attack failed.

The reporting continues.

And we’re not going anywhere.

If you found this information valuable and want to support independent journalism in Vermont, become a supporter for just $5/month today!

Dave Soulia | FYIVT

You can find FYIVT on YouTube | X(Twitter) | Facebook | Instagram

#fyivt #VermontNews #CyberSecurity #IndependentJournalism

Support Us for as Little as $5 – Get In The Fight!!

Make a Big Impact with $25/month—Become a Premium Supporter!

Join the Top Tier of Supporters with $50/month—Become a SUPER Supporter!