Another massive data breach has occurred, and this time it’s hitting GoDaddy customers. In total, 1.2 million accounts were affected by the attack, leaving many people concerned about the safety of their website’s private information.
GoDaddy reported the breach to the Securities and Exchange Commission. The company explained that it detected unauthorized access to the systems where it hosts and manages WordPress servers. Because WordPress is such a popular tool for creating and managing websites, this could be a severe attack.
As far as what the hackers got, active customers had their sFTP credentials stolen. This is used for file transfers. Additionally, usernames and passwords for WordPress databases were taken. That means the attackers could have full access to a website’s content. Some users had their SSL (HTTPS) private keys exposed, which could let the malicious attacker impersonate a website.
GoDaddy has reset WordPress passwords and private keys, so it’s already taken the steps required to stock the attacker from exploiting anything with the passwords obtained. The company is in the process of generating new SSL certificates for customers.
The person used a compromised password to get into GoDaddy’s systems around September 6, 2021. The company said it discovered the breach on November 17, 2021. It filed with the SEC on November 22, 2021. That’s a good reaction time from GoDaddy, as it tends to take time for the company to learn exactly what happened before it files anything.
If you were using GoDaddy to host your WordPress website, you’ll want to keep an eye on your content and change all of your passwords to make sure everything is secure.
- › The New HP Pro x360 Fortis Is a 2-In-1 Laptop Under $500
- › Get PC Power With Tablet Portability in the Surface Pro 9 for $200 Off
- › What Is a Condenser Microphone, and How Do They Work?
- › How to Change Your Age on TikTok
- › How to Screen Record on iPhone
- › This Huge Curved Ultrawide Monitor From LG Is $337 Today