GoDaddy data breach exposed 1.2 million user accounts; phishing blamed

The breach also exposed users' sFTP credentials (used for file sharing) and the username and passwords of their WordPress databases. Some security certificates (https) were also compromised, which if abused, can allow an attacker to impersonate a customer’s website or services, said GoDaddy.
GoDaddy's shares fell about 1.6% on Monday.
GoDaddy's shares fell about 1.6% on Monday.
Published on Nov 23, 2021 01:51 PM IST
Copy Link
Byhindustantimes.com, Hindustan Times, New Delhi

GoDaddy, a popular internet domain registering company, has claimed that e-mail addresses and customer numbers of 1.2 million of its users were exposed recently. In a statement issued on Monday, GoDaddy said that the breach was detected in September and related to WordPress customers.

The company said that the third-party accessed the system using a compromised password. It added that the exposure was a result of a phishing attack.

"We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement," GoDaddy's chief information security officer Demetrius Comes said in a filing.

The company, whose shares fell about 1.6% on Monday, said it had immediately blocked the unauthorised third party, and an investigation was still going on.

The breach also exposed users' sFTP credentials (used for file sharing) and the username and passwords of their WordPress databases. Some security certificates (https) were also compromised, which if abused, can allow an attacker to impersonate a customer’s website or services, said GoDaddy.

The company is contacting each of the affected user individually and resetting their private keys. It is also in the process of issuing new SSL certificates.

GoDaddy hosts more than 20 million cutomers worldwide.

SHARE THIS ARTICLE ON
Close Story
SHARE
Story Saved
OPEN APP
×
Saved Articles
Following
My Reads
Sign out
New Delhi 0C
Tuesday, November 30, 2021