A notice that published today from GoDaddy αναφέρει ότι διέρρευσαν δεδομένα έως και 1,2 εκατομμυρίων πελατών της όταν hackers απέκτησαν πρόσβαση στο περιβάλλον φιλοξενίας Managed WordPress.
The incident was discovered by GoDaddy last Wednesday, November 17, but the intruders had access to its network and data thw at least since September 6 toy 2021.
“Εντοπίσαμε ύποπτη δραστηριότητα στο περιβάλλον φιλοξενίας Managed WordPress και ξεκινήσαμε αμέσως μια έρευνα με τη βοήθεια μιας εταιρείας ασφαλείας. Επικοινωνήσαμε άμεσα και με τις αρχές επιβολής”, αναφέρει ο Demetrius Comes, Chief Information Security Officer by GoDaddy.
"Using an invalid password, an unauthorized user has gained access to the Managed WordPress system."
"Our investigation is ongoing and we communicate directly with all our affected customers with specific details. Customers can also contact us through the help center (https://www.godaddy.com/help) which includes telephone numbers depending on the country. "
The intruders were able to access the following GoDaddy client information:
- Up to 1,2 million active and inactive customers of the Managed WordPress service have been leaked their email address and customer number. Email exposure poses a risk of phishing attacks.
- The original WordPress Administrator password that was set at the time the service was launched has been revealed.
- For active clients, usernames and sFTP and database passwords were revealed.
- For a subset of active clients, the private SSL key has been revealed.
For those who don't know GoDaddy is the world's largest domain registrar and a web hosting company that provides services to more than 20 million users worldwide.
