Domain registrar and web hosting company GoDaddy has revealed that it suffered a data breach that may have used user data from 1.2m of its customers.
In a filing with the Securities and Exchange Commission (SEC), the company’s chief information security officer Demetrius Comes explained that an “unauthorized third party” had gained access to its managed WordPress hosting environment.
For those unfamiliar, WordPress is a content management system (CMS) used by millions of site owners around the world to set up blogs and websites and, like other hosting providers, GoDaddy offers shared hosting, VPS hosting, dedicated servers and more. Offers WordPress hosting, among many others.
According to GoDaddy, the unauthorized person gained access to its systems using a compromised password around September 6. However, the breach was not detected by the company until last week on November 17.
Compromised User Accounts
GoDaddy’s SEC filing says the breach affected 1.2m active and inactive managed WordPress users whose email addresses as well as their customer numbers were exposed.
The company also said that the original WordPress admin password, which was created when WordPress was first installed, had also been exposed. With this password, an attacker can access the client’s WordPress server.
GoDaddy also revealed that active customers had their sFTP credentials and username and password for their WordPress database, which is used to store all of their content exposed in the breach. However, in some cases, the customer’s SSL private keys were exposed and if misused, this key could allow an attacker to impersonate the customer’s website or other services. While GoDaddy has reset customer WordPress passwords and private keys, it is currently in the process of issuing them new SSL certificates.
We’ll hear more about the details of this data breach once GoDaddy has fully investigated the matter.
we have also painted best data loss prevention services and best database software