Hi all,
We’ve updated all hosted sites with the NextGen Gallery plugin installed to the latest version. There was a significant security hole in older versions, which would have allowed an attacker to retrieve info from the site’s database.
More here: https://blog.sucuri.net/2017/02/sql-injection-vulnerability-nextgen-gallery-wordpress.html
-TS