Dynadot

news The GoDaddy suffered from a data leak. 1.2 million of WordPress site owners are affected

Spaceship Spaceship
Watch

Mifuru

Neko? NoTop Member
Impact
1,363
Domain registrar and hoster GoDaddy reported hacking and data leakage. During the incident, the data of 1.2 million customers of the company was affected, as hackers gained access to the WordPress hosting environment.

GoDaddy reported the incident in documents filed this week with the U.S. Securities and Exchange Commission. The company discovered the hack last week, on November 17, after "suspicious activity" in a managed hosting environment for WordPress.

The investigation revealed that unknown hackers maintained access to GoDaddy's servers for more than two months, and penetrated the company's network on September 6, 2021. It is reported that the attackers had access to the following data:

  • information of 1.2 ml active and inactive clients of managed hosting for WordPress, including email addresses and client numbers;
  • the original WordPress admin password that GoDaddy issues to clients when creating a website;
  • DB and sFTP usernames and passwords for active clients;
  • SSL private keys for some clients.
  • GoDaddy representatives say they are already resetting passwords for sFTP and DB compromised during hacking. The company also reset passwords from administrator accounts if customers still used the default password given to them at the very beginning. In addition, the company is in the process of re-issuing and installing new SSL certificates for those affected.

The incident has already been reported to law enforcement agencies, and third-party cybercriminalists have joined the investigation of the incident.

Let me remind you that this is not the first case of compromising GoDaddy resources. For example, in 2019, hackers placed more than 15,000 malicious subdomains in the company's infrastructure, which redirected visitors to sites that advertised dietary supplements to improve brain function, weight loss pills, CBD oils, and so on.

Sources:
  1. https://www.sec.gov/Archives/edgar/data/1609711/000160971121000122/gddyblogpostnov222021.htm
  2. https://xakep.ru/2021/11/22/godaddy-wp-leak/
 
Last edited:
2
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
5
•••
1
•••
Domain registrar and hoster GoDaddy reported hacking and data leakage. During the incident, the data of 1.2 million customers of the company was affected, as hackers gained access to the WordPress hosting environment.

GoDaddy reported the incident in documents filed this week with the U.S. Securities and Exchange Commission. The company discovered the hack last week, on November 17, after "suspicious activity" in a managed hosting environment for WordPress.

The investigation revealed that unknown hackers maintained access to GoDaddy's servers for more than two months, and penetrated the company's network on September 6, 2021. It is reported that the attackers had access to the following data:

  • information of 1.2 ml active and inactive clients of managed hosting for WordPress, including email addresses and client numbers;
  • the original WordPress admin password that GoDaddy issues to clients when creating a website;
  • DB and sFTP usernames and passwords for active clients;
  • SSL private keys for some clients.
  • GoDaddy representatives say they are already resetting passwords for sFTP and DB compromised during hacking. The company also reset passwords from administrator accounts if customers still used the default password given to them at the very beginning. In addition, the company is in the process of re-issuing and installing new SSL certificates for those affected.

The incident has already been reported to law enforcement agencies, and third-party cybercriminalists have joined the investigation of the incident.

Let me remind you that this is not the first case of compromising GoDaddy resources. For example, in 2019, hackers placed more than 15,000 malicious subdomains in the company's infrastructure, which redirected visitors to sites that advertised dietary supplements to improve brain function, weight loss pills, CBD oils, and so on.

Sources:
  1. https://www.sec.gov/Archives/edgar/data/1609711/000160971121000122/gddyblogpostnov222021.htm
  2. https://xakep.ru/2021/11/22/godaddy-wp-leak/
Interesting news!
 
0
•••
Back