Welcome to WebmasterWorld Guest from 220.127.116.11
According to Web site security firm Incapsula, those responsible for this crime campaign are scanning the Internet for WordPress installations, and then attempting to log in to the administrative console at these sites using a custom list of approximately 1,000 of the most commonly-used username and password combinations.
It doesn't matter what CMS you use, someone's out there looking for ways to hack it.
We've done this in the past when we had a massive attack, and Google did not raise a fit. So we had to remove the password protection in the meantime to appease the google gods.
I don't lose any sleep over wordpress because I am not running it.
When would you let Google crawl your admin pages?
If you do a search, you can find blogs reporting what usernames and passwords the attack is targeting.