If you or any of your team are logging in as an admin user you need to stop this! You should replace the ‘admin’ user login with a different name.
If a hacker is trying to get in to your system, their very first attempt will be to log in as the ‘admin’ user. After that, they will just need to figure out the password so they have half the job done. Plus, if you still have an admin user they will also think that you haven’t secured your system so will hang around longer.
I have a client whose website was recently hacked. The plugins folder was overwritten and pretty much brought down the site. After going in and fixing and re-installing, I noticed that the ‘admin’ username was in place. I installed a security program that notifies me when the site has an attempted unauthorized login. Voila! The site is being targeted with the Admin username. Protocols have been installed to lock down the site now, but it’s amazing how many times a day someone is trying to login.
Also, make sure you are backing up your site on a regular basis. If you do fall victim, you can be sure that you have a backup of your site you can re-install on another server, if need be.
If you need help securing your WordPress website, give me a shout. I offer maintenance packages on WordPress websites that include full backups.