GoDaddy data breach exposed 1.2 million user accounts; phishing blamed
GoDaddy, a popular internet domain registering company, has claimed that e-mail addresses and customer numbers of 1.2 million of its users were exposed recently. In a statement issued on Monday, GoDaddy said that the breach was detected in September and related to WordPress customers.
The company said that an unauthorised third party accessed the system using a compromised password. It added that the exposure was the result of a phishing attack.
"We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement," GoDaddy's chief information security officer Demetrius Comes said in a filing.
The company, whose shares fell about 1.6% on Monday, said it had immediately blocked the unauthorised third party, and an investigation was still going on.
The breach also exposed users' sFTP credentials (used for file sharing) and the usernames and passwords of their WordPress databases. Some security certificates (HTTPS) were also compromised, which, if abused, can allow an attacker to impersonate a customer's website or services, said GoDaddy.
The company is contacting each of the affected users individually and resetting their private keys. It is also in the process of issuing new SSL certificates.
GoDaddy hosts more than 20 million customers worldwide.