GoDaddy breach exposes 1.2 million customer accounts

The domain registrar and web hosting firm GoDaddy has revealed that it suffered a knowledge breach by which the person information of 1.2m of its clients might have been accessed.

In a submitting with with Securities and Exchange Commission (SEC), the corporate’s chief data safety officer Demetrius Comes defined that an “unauthorized third get together” had gained entry to its managed WordPress internet hosting setting.

For these unfamiliar, WordPress is a content material administration system (CMS) utilized by tens of millions of website house owners worldwide to arrange blogs and web sites and like different internet hosting suppliers, GoDaddy gives WordPress hosting along with shared hosting, VPS hosting, dedicated servers and extra.

According to GoDaddy, the unauthorized particular person gained entry to its programs round September 6 through the use of a compromised password. However, it wasn’t till final week on November 17 that the corporate found the breach.

Compromised person accounts

GoDaddy’s SEC filing says that the breach impacts 1.2m lively and inactive managed WordPress customers who had their electronic mail addresses in addition to their customer numbers uncovered.

The firm additionally mentioned that the unique WordPress admin password, which was created when WordPress was first put in was additionally uncovered. With this password in hand, an attacker can entry a customer’s WordPress server.

GoDaddy additionally revealed that lively clients had their sFTP credentials and the usernames and passwords for his or her WordPress databases, which might be used to retailer all of their content material, uncovered within the breach. However, in some instances, customer’s SSL personal keys have been uncovered and if abused, this key may enable an attacker to impersonate a customer’s web site or different companies. While GoDaddy has reset customer WordPress passwords and personal keys, it’s at the moment within the strategy of issuing them new SSL certificates.

We’ll seemingly hear extra concerning the small print of this information breach after GoDaddy finishes conducting a full investigation into the matter.

We’ve additionally featured the best data loss prevention companies and best database software

Via TechCrunch

https://www.techradar.com/information/godaddy-breach-exposes-12-million-customer-accounts

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Related Posts

10 Best Web Hosting for Small Business: Top Services 2024

Web Host Pro Announces Enhanced Web Hosting Services

Website Hosting Cost Guide 2024 – Forbes Advisor UK

Sharing IP Addresses On Shared Servers Is Normal & Fine For Google Rankings

Pros & Cons – Forbes Advisor Australia

HostBet Cloud Technologies Introduces Cutting-Edge Servers to Revolutionise Shared Hosting Experience