Hi @seahawknationblog, thanks for your message about this.
Here’s the other post that seems connected (by the Live Traffic timestamp) to this case: https://www.ads-software.com/support/topic/user-logged-in-sucessfully/
As Live Traffic picked up the successful login, yet the username appears to be suspicious and confirmed as not one you recognize, a breach may have already taken place prior to the login attempt using an exploitable way in – such as a vulnerable plugin, compromized admin password, etc.
Carefully follow the checklist we provide for site admins to try cleaning their own sites: https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/
I’ll always be sure to encourage you to update all plugins and themes along with running the latest WordPress core if you haven’t already. WordPress sometimes patches their older releases if they find a vulnerability so make sure to update your version if needed. We, of course, recommend that you update to the latest version.
As a rule, any time I think someone’s site has been compromised I also tell them to update their passwords for their hosting control panel, FTP, WordPress admin users, and database. Make sure to do this.
Additionally you might find the WordPress Malware Removal section in our free Learning Center helpful if you haven’t explored it already.
If you are unable to clean this on your own there are paid services that will do it for you. Wordfence offers one and there are others. Regardless of whether you choose to clean it yourself or let someone else do it – we recommend that you make a full backup of the site beforehand.
Thanks,
Peter.