23 November 2021

Security breach exposed data of over million GoDaddy WordPress customers


Security breach exposed data of over million GoDaddy WordPress customers

Internet domain registrar and web hosting company GoDaddy has admitted it suffered a data breach that affected 1.2 million of its customers.

In a document filed with the U.S. Securities and Exchange Commission, the web hosting giant said that on November 17, 2021 it became aware that hackers compromised its Managed WordPress hosting environment and gained access to customers’ data, including:

  • Up to 1.2 million active and inactive Managed WordPress customers had their email address and customer number exposed. The exposure of email addresses presents risk of phishing attacks.

  • The original WordPress Admin password that was set at the time of provisioning was exposed. If those credentials were still in use, we reset those passwords.

  • For active customers, sFTP and database usernames and passwords were exposed. We reset both passwords.

  • For a subset of active customers, the SSL private key was exposed. We are in the process of issuing and installing new certificates for those customers.

GoDaddy explained that the intruders obtained access to the provisioning system in the legacy code base for Managed WordPress using a compromised password.

Upon discovering the breach, the company “immediately blocked the unauthorized third party from our system.” The web registrar believes that the breach first occurred on September 6th, 2021. It said that the investigation is currently ongoing, and that it is contacting the affected customers directly with specific details.


Back to the list

Latest Posts

US warns against accidentally hiring North Korean hackers posing as tech workers

US warns against accidentally hiring North Korean hackers posing as tech workers

North Korea dispatches thousands of highly skilled IT workers around the world to generate revenue for the country's government.
19 May 2022
Cybersecurity agencies release advisory on most common initial access attack vectors

Cybersecurity agencies release advisory on most common initial access attack vectors

The advisory highlights common weak security controls, poor configurations, and poor security practices that cyber actors abuse to breach victim networks.
19 May 2022
Conti ransomware gang threatens to overthrow Costa Rican government

Conti ransomware gang threatens to overthrow Costa Rican government

The Conti gang has also tried to increase the pressure by raising a ransom demand to $20 million.
18 May 2022