Dieter Bohn, writing for The Verge:
A huge network of over 90,000 IP addresses has been targeting WordPress blog installations with a brute force attack, attempting to gain access by using the default “admin” username by trying multiple passwords. Two prominent hosting providers, CloudFlare and HostGator, report that the scale of the current attack is much larger than usual. CloudFlare tells The Next Web that is has blocked 60 million requests in the past hour. HostGator’s Sean Valant describes it as a “global attack on WordPress installations across virtually every web host in existence.”
After reading this, I changed my password right away. All the more reason to use 1Password.