In a filing with the Securities and Exchange Commission (SEC), the company’s chief information security officer Demetrius Comes explained that an “unauthorized third party” had gained access to its managed WordPress hosting environment.
For those unfamiliar, WordPress is a content management system (CMS) used by millions of site owners worldwide to set up blogs and websites. Like other web hosting providers, GoDaddy offers WordPress hosting in addition to shared hosting, VPS hosting, dedicated servers and more.
According to GoDaddy, the unauthorized individual gained access to its systems around September 6 by using a compromised password. However, it wasn’t until last week on November 17 that the company discovered the breach.
Compromised user accounts
GoDaddy’s SEC filing says that the breach affects 1.2m active and inactive managed WordPress users who had their email addresses as well as their customer numbers exposed.
The company also said that the original WordPress admin password, which was created when WordPress was first installed, was also exposed. With this password in hand, an attacker can access a customer’s WordPress server.
GoDaddy also revealed that active customers had their sFTP credentials and the usernames and passwords for their WordPress databases, which are used to store all of their content, exposed in the breach. However, in some cases, customers’ SSL private keys were exposed and, if abused, such a key could allow an attacker to impersonate a customer’s website or other services. While GoDaddy has reset customer WordPress passwords and private keys, it’s currently in the process of issuing them new SSL certificates.
We’ll likely hear more about the details of this data breach after GoDaddy finishes conducting a full investigation into the matter.