GoDaddy Announces Data Breach

Data belonging to up to 1.2 million WordPress customers has been exposed in a security incident at GoDaddy.



The domain registrar and web-hosting company said on Monday that an unauthorized third party had gained access to its systems by exploiting a compromised password. The intrusion began in September but wasn’t detected until last week.



GoDaddy has hired an IT forensics firm to investigate the incident. While that investigation remains ongoing, cybersecurity specialists have determined that the unauthorized third party gained access to email addresses and customer numbers belonging to Managed WordPress customers with active or inactive accounts.



In a November 22 filing regarding the data incident, GoDaddy’s chief information security officer, Demetrius Comes, wrote that “the exposure of email addresses presents risk of phishing attacks.”



GoDaddy said that original WordPress admin passwords that were set at the time of provisioning were exposed.



“If those credentials were still in use, we reset those passwords,” said Comes in the filing.



GoDaddy also reset active WordPress customers’ passwords for the Secure File Transfer Protocol (SFTP) and database, after the usernames and passwords for both were exposed in the security incident. 



The details of SSL (Secure Sockets Layer) private keys belonging to an unspecified number of active customers were also exposed to the unauthorized third party. The company is currently in the process of issuing and installing new certificates for those customers.



Once the incident was discovered, the intruder was blocked from the system. The investigation into the incident found that the unauthorized third party had been able to access WordPress customers’ data since September 6. 