Malicious login attempts from MAC addresses???

Almost all of the malicious login attempts to my site come from what looks like a range of MAC addresses rather than IP addresses. Is this normal and will the plugin accept these MAC addresses as blocked IPs? I’m not sure if it’s worth trying that, as each attack appears to come from a different range.

Also, the change in the number of malicious login attempts noted by Jetpack is much higher than the failed logins listed in WP security. Why would that be?

These ‘bots’ have somehow discovered the valid login IDs for my site too…