A notice που published Today, GoDaddy reports that data of up to 1,2 million of its customers were leaked when hackers gained access to the Managed WordPress hosting environment.
The incident was discovered by GoDaddy last Wednesday, November 17, but the intruders had access to its network and data thw at least since September 6 toy 2021.
"We detected suspicious activity in the Managed WordPress hosting environment and immediately started an investigation with the help of a security company. We also contacted law enforcement directly, "said Demetrius Comes, Chief Information Security Officer at GoDaddy.
“Using a compromised password, an unauthorized user gained access to system Managed WordPress.”
"Our investigation is ongoing and we communicate directly with all our affected customers with specific details. Customers can also contact us through the help center (https://www.godaddy.com/help) which includes telephone numbers depending on the country. "
The intruders were able to access the following GoDaddy client information:
- Up to 1,2 millions active and inactive Managed WordPress customers email address and customer number leaked. Email exposure presents a risk of phishing attacks.
- The original WordPress Administrator password that was set at the time the service was launched has been revealed.
- For active clients, usernames and sFTP and database passwords were revealed.
- For a subset of active customers, the private was revealed key SSL.
For those unfamiliar, GoDaddy is the largest domain registrar in the world and a web hosting company providing services to more than 20 million users worldwide.
