Web host GoDaddy reports theft of customer data and admin passwords

US domain registrar and web host GoDaddy has reported a data breach after an “unauthorized third party” gained access to its Managed WordPress hosting environment. Email addresses, customer numbers, admin passwords and SSL private keys were stolen.

According to GoDaddy, the breach affects the data of up to 1.2 million users. GoDaddy learned on November 17 that an “unauthorized third party” had gained access to the company’s Managed WordPress hosting environment. The company believes the intruder had been inside since September 6 with the aim of accessing customer data.

According to GoDaddy, the exposed data includes the email addresses and customer numbers of 1.2 million active and inactive Managed WordPress customers. The original WordPress admin passwords that GoDaddy provided to customers were also leaked. For active users, sFTP and database usernames and passwords were leaked, and for some users the SSL private keys were leaked as well. GoDaddy has reset all stolen passwords that were still in use. Customers whose SSL key was stolen will receive a new certificate, but GoDaddy is still working on that.

It is not yet known who is behind the hack, and GoDaddy is still investigating. GoDaddy has not yet provided details on why the passwords were visible in the hosting environment or whether they were encrypted. In 2020, GoDaddy warned 28,000 customers of a data breach that could lead to data theft.