Huge GoDaddy Data Breach Exposes Over a Million Accounts

Another massive data breach has occurred, and this time it’s hitting GoDaddy customers. In total, 1.2 million accounts were affected by the attack, leaving many people concerned about the safety of their website’s private information.

GoDaddy reported the breach to the Securities and Exchange Commission. The company explained that it detected unauthorized access to the systems where it hosts and manages WordPress servers. Because WordPress is such a popular tool for creating and managing websites, this could be a severe attack.

As far as what the hackers got, active customers had their sFTP credentials stolen. This is used for file transfers. Additionally,  usernames and passwords for WordPress databases were taken. That means the attackers could have full access to a website’s content. Some users had their SSL (HTTPS) private keys exposed, which could let the malicious attacker impersonate a website.

GoDaddy has reset WordPress passwords and private keys, so it’s already taken the steps required to stock the attacker from exploiting anything with the passwords obtained. The company is in the process of generating new SSL certificates for customers.

The person used a compromised password to get into GoDaddy’s systems around September 6, 2021. The company said it discovered the breach on November 17, 2021. It filed with the SEC on November 22, 2021. That’s a good reaction time from GoDaddy, as it tends to take time for the company to learn exactly what happened before it files anything.

If you were using GoDaddy to host your WordPress website, you’ll want to keep an eye on your content and change all of your passwords to make sure everything is secure.