Reported to be the third security incident since 2018, Web hosting giant GoDaddy on Monday disclosed a massive data breach that resulted in unauthorized access to data of over over 12 lakh WordPress active and inactive customers.
As per the filing by Chief Information Security Officer Demetrius Comes with US Securities and Exchange Commission (SEC), the web hosting giant discovered the breach on November 17, 2021, with “third-party access” to its “Managed WordPress hosting environment.”
GoDaddy Announces Security Incident Affecting Managed WordPress Service
On September 27, 2021, we discovered unauthorized third party access to our Managed WordPress hosting environment. Here is the background on what happened and the steps we took, and are taking, in response.
We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement. Using a compromised password, an unauthorized third party accessed the provisioning system in our legacy code base for Managed WordPress.
Upon identifying this incident, we immediately blocked the unauthorized third party from our system. Our investigation is ongoing, but we have determined that, beginning on September 6, 2021, the unauthorized third party used the vulnerability to gain access to the following customer information.
- Up to 1.2 million active and inactive Managed WordPress Customers had their email address and customer number exposed. The exposure of email addresses presents a risk of phishing attacks.
- The original WordPress Admin password that was set at the time of provisioning was exposed. If those credentials were still in use, we reset those passwords.
- For active customers, sFTP and database usernames and passwords were exposed.
- For a subset of active customers, the SSL private key was exposed. We are in the process of issuing and installing new certificates for these customers.
Our investigation is ongoing and we are contacting all impacted customers directly with specific details. Customers can also contact via (https://www.godaddy.com/help) which includes phone numbers based on country.