25 November 2021

Multiple Managed WordPress services resellers also hit in recent GoDaddy data breach


Multiple Managed WordPress services resellers also hit in recent GoDaddy data breach

Domain registrar and web hosting giant GoDaddy that recently suffered a data breach affecting over 1 million of its WordPress customers has confirmed that the incident also impacted several of its brands, including 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple and tsoHost.

“The GoDaddy brands that resell GoDaddy Managed WordPress are 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple and tsoHost. A small number of active and inactive Managed WordPress users at those brands were impacted by the security incident. No other brands are impacted. Those brands have already contacted their respective customers with specific detail and recommended action,” Dan Rice, VP of corporate communications at GoDaddy, told WordPress security firm Wordfence.

TsoHost, 123Reg, Domain Factory, Heart Internet, and Host Europe were acquired by GoDaddy in 2017, while Media Temple was bought by the company in 2013.

Earlier this week, GoDaddy revealed it detected unauthorized access to its managed WordPress hosting environment that resulted in the exposure of email addresses of as many as 1.2 million of active and inactive Managed WordPress customers. The compromised data also included WordPress Admin password set at the time of provisioning, sFTP and database usernames and passwords for active customers, and SSL private keys (for a small subset of active customers).

“What this means is the unauthorized party could have obtained the ability to access your Managed WordPress service and make changes to it, including to alter your website and the content stored on it. The exposure of your email address may also present a heightened risk of phishing attacks,” GoDaddy said in a data breach notification letter sent to customers.

The company said it reset compromised WordPress Admin login credentials, sFTP passwords and database passwords, but warned users that they won’t be able to edit content on their websites until they set a new password.


Back to the list

Latest Posts

Amid Pegasus scandal, Israel bans cyber software sales to 65 countries

Amid Pegasus scandal, Israel bans cyber software sales to 65 countries

Dropped countries include such countries as Morocco, Mexico, Saudi Arabia, or the UAE.
26 November 2021
CronRAT: New Linux malware that hides behind February 31 to stay undetected

CronRAT: New Linux malware that hides behind February 31 to stay undetected

The malware hides in the Linux calendar system and enables server-side Magecart data theft which bypasses browser-based security solutions.
26 November 2021
New malware campaign targets crypto, NFT and DeFi communities via Discord

New malware campaign targets crypto, NFT and DeFi communities via Discord

The Babadeda crypter is able to bypass signature-based antivirus solutions and was previously observed in malicious campaigns distributing RATs, and LockBit ransomware.
26 November 2021