News

Web host GoDaddy reports theft of customer data and admin passwords

By admin
Spread the love

US domain registrar and web host GoDaddy has reported a data breach after an ‘unauthorized third party’ gained access to its Managed WordPress hosting environment. E-mail addresses, customer numbers, admin passwords and SSL private keys were also stolen.

According to GoDaddy, this concerns data from in the worst case 1.2 million users. GoDaddy learned on November 17 that an “unauthorized third party” had access to the company’s Managed WordPress hosting environment. The company expects that this person had been inside since September 6 and had the purpose of accessing customer data.

According to GoDaddy, this concerns the email addresses and customer numbers of 1.2 million active and inactive Managed WordPress customers. Also, the original WordPress admin passwords that GoDaddy provided to customers have been leaked. Active users have had their sFTP and database usernames and passwords leaked and some of the users’ SSL private keys have also been leaked. GoDaddy reset all stolen passwords, if they were still in use. Customers whose SSL key has been stolen will receive a new certificate, but GoDaddy is still working on that.

It is not yet known who is behind the hack and GoDaddy is still investigating. GoDaddy does not yet provide details on why the passwords were visible in the hosting environment and whether they were encrypted. In 2020, GoDaddy warned 28,000 customers of a data breach that could lead to data looting.

You might also like
News

Sony and Microsoft sign agreement to keep Call of Duty on PlayStation

News

Proton releases Windows app for encrypted cloud storage service Proton Drive

News

Senate adopts bill to make doxing a punishable offense

News

Razer is investigating possible cyber attack on Razer Gold

News

Google lets users set up multiple work locations for one day in Calendar

News

Threads is working on deleting account without deleting Instagram account