GoDaddy Security Breach
GoDaddy Hacked! Webhosting company GoDaddy Inc., has suffered a huge data breach that gave an attacker access to 1.2 million email addresses belonging to company's active and inactive Managed WordPress users.
In a blog post, GoDaddy's Chief Information Security Officer (CISO) Demetrius Comes said unauthorised access to its managed WordPress servers had come to light.
"Up to 1.2 million active and inactive Managed WordPress customers had their email address and customer number exposed. The data breach presents risk of phishing attacks," says Demetrius Comes.
GoDaddy says on November 17, the company discovered unauthorized third-party access to Managed WordPress hosting environment and immediately locked the attacker out before beginning an investigation and contacting law enforcement.
"We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement. Using a compromised password, an unauthorized third party accessed the provisioning system in our legacy code base for Managed WordPress," the company explained.
The original WordPress Admin password that was set at the time of provisioning was also exposed.
"If those credentials were still in use, we reset those passwords. For active customers, SFTP and database usernames and passwords were exposed. We reset both passwords," said GoDaddy.
GoDaddy has warned users that this exposure can put users at greater risk of phishing attacks. The investigation is underway. GoDaddy confirms that the investigation is still ongoing and law enforcement has been notified . The company is currently committed to contacting all interested customers with more specific details; it is always possible to ask for clarification directly to the GoDaddy support center. Here are the excuses and the usual clarifications:
According to the first official estimates, the balance of the violation can be summarized as follows:
- Up to 1.2 million active and inactive Managed WordPress customers had their email address and customer number exposed. The exposure of email addresses presents risk of phishing attacks.
- The original WordPress Admin password that was set at the time of provisioning was exposed. If those credentials were still in use, we reset those passwords.
- For active customers, sFTP and database usernames and passwords were exposed. We reset both passwords.
- For a subset of active customers, the SSL private key was exposed. We are in the process of issuing and installing new certificates for those customers.
According to GoDaddy;
[Source]We sincerely regret this incident and the concern it causes to our customers. We, the executives and employees of GoDaddy, take our responsibility to protect our customers' data very seriously and don't want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.