A number of WordPress blogs hosted at Network Solutions were hacked according to ZDNet. A malicious hacker was able to create a script that scanned for WordPress config files which contain MySQL database credentials in plain text.
WordPress config files should only be read by Apache only with permissions of 750. Most users have their permissions set to 755. WordPress users should set their permissions to 750 to avoid from being hacked.
Another way of protecting WordPress config files is to use .htaccess. Add the following code to your .htaccess file.
# protect wpconfig.php <files wp-config.php> order allow,deny deny from all </files>