23 November 2021

Security breach exposed data of over a million GoDaddy WordPress customers



Internet domain registrar and web hosting company GoDaddy has admitted it suffered a data breach that affected 1.2 million of its customers.

In a document filed with the U.S. Securities and Exchange Commission, the web hosting giant said that on November 17, 2021 it became aware that hackers compromised its Managed WordPress hosting environment and gained access to customers’ data, including:

  • Up to 1.2 million active and inactive Managed WordPress customers had their email address and customer number exposed. The exposure of email addresses presents risk of phishing attacks.

  • The original WordPress Admin password that was set at the time of provisioning was exposed. If those credentials were still in use, we reset those passwords.

  • For active customers, sFTP and database usernames and passwords were exposed. We reset both passwords.

  • For a subset of active customers, the SSL private key was exposed. We are in the process of issuing and installing new certificates for those customers.

GoDaddy explained that the intruders obtained access to the provisioning system in the legacy code base for Managed WordPress using a compromised password.

Upon discovering the breach, the company “immediately blocked the unauthorized third party from our system.” The web registrar believes that the breach first occurred on September 6th, 2021. It said that the investigation is currently ongoing, and that it is contacting the affected customers directly with specific details.

