
GoDaddy Security Breach Exposes 1.2 million WordPress Users’ Data
Eleanore Beatty November 25, 2021 ArticleWeb hosting company GoDaddy said on Monday email addresses of up to 1.2 million active and inactive Managed WordPress customers had been exposed in an unauthorised third-party access.
The company said the incident was discovered on November 17 and the third-party accessed the system using a compromised password.
“We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement,” Chief Information Security Officer Demetrius Comes said in a filing.
The company, whose shares fell about 1.6 percent in early trading, said it had immediately blocked the unauthorised third party, and an investigation was still going on.
Here’s what the company said in the filing:
On November 17, 2021, we discovered unauthorised third-party access to our Managed WordPress hosting environment. Here is the background on what happened and the steps we took, and are taking, in response:
We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement. Using a compromised password, an unauthorised third party accessed the provisioning system in our legacy code base for Managed WordPress.
Upon identifying this incident, we immediately blocked the unauthorised third party from our system. Our investigation is ongoing, but we have determined that, beginning on September 6, 2021, the unauthorised third party used the vulnerability to gain access to the following customer information:
•Up to 1.2 million active and inactive Managed WordPress customers had their email address and customer number exposed. The exposure of email addresses presents risk of phishing attacks.
•The original WordPress Admin password that was set at the time of provisioning was exposed. If those credentials were still in use, we reset those passwords.
•For active customers, sFTP and database usernames and passwords were exposed. We reset both passwords.
•For a subset of active customers, the SSL private key was exposed. We are in the process of issuing and installing new certificates for those customers.
Our investigation is ongoing and we are contacting all impacted customers directly with specific details. Customers can also contact us via our help centre (https://www.godaddy.com/help) which includes phone numbers based on country.
We are sincerely sorry for this incident and the concern it causes for our customers. We, GoDaddy leadership and employees, take our responsibility to protect our customers’ data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.
Demetrius Comes
Chief Information Security Officer
© Thomson Reuters 2021
You may also like
Archives
- December 2024
- November 2024
- September 2024
- August 2024
- July 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
Calendar
M | T | W | T | F | S | S |
---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | 6 | |
7 | 8 | 9 | 10 | 11 | 12 | 13 |
14 | 15 | 16 | 17 | 18 | 19 | 20 |
21 | 22 | 23 | 24 | 25 | 26 | 27 |
28 | 29 | 30 | 31 |