The web hosting platform’s chief information security officer (CISO) has notified the Securities and Exchange Commission of a breach involving unauthorized access. Systems that host and manage WordPress servers were affected.
According to GoDaddy, the unauthorized individual accessed the systems around September 6th using a compromised password, and the company discovered the breach on November 17th. About 1.2 million active and inactive WordPress users had their customer numbers and emails exposed. Fraudulent email impersonations, or phishing attacks, could increase due to the breach.
The web host noted that original WordPress (WP) admin passwords were also exposed, as well as active customer sFTP credentials. Usernames and passwords for WordPress databases, which store user content, were exposed. Some customers’ SSL (HTTPS) private keys were exposed, giving a potential attacker the ability to impersonate a user’s website.
GoDaddy noted that it had reset customer WP passwords and private keys, and is currently issuing new SSL certificates.
There is still some uncertainty about the level of security the compromised account had in the first place. It’s unknown whether multi-factor authentication (MFA) or a strong password was in use. Customers who use GoDaddy should look out for suspicious activity and report anything irregular to the government or Federal Trade Commission (FTC) as quickly as possible.