The company said that hackers were able to gain access to it


imageGoDaddy recently learned that the impacts of a compromised password can be far-reaching.The domain registrar and web hosting platform revealed on Monday that it had experienced a security breach that disclosed up to 1.2 million email addresses for active and inactive Managed WordPress customers, as well as those customers’ WordPress administrator passwords.nnIn an announcement about the incident, which the company reported to the Securities and Exchange Commission, GoDaddy said it discovered that an unauthorized third-party had gained access to its Managed WordPress hosting environment on Nov.17, although the hacker had obtained access on Sept.6.The company explained that the source of breach was a “compromised password,” which allowed the hackers to enter the provisioning system in its legacy code base for Managed WordPress.nnIn addition to the 1.2 million active and inactive Managed WordPress email addresses revealed, customer numbers were exposed.The access to the email addresses opens those customers up to phishing attacks, GoDaddy said.

Customers’ original WordPress administrator passwords set at the time of provisioning, or when customers create their new sites, were also accessed.If the passwords were still being used by the affected customers, GoDaddy proceeded to reset them.

nnThe company said that sFTP and database usernames and passwords were also compromised for active customers.Those two passwords were reset as well.Meanwhile, a subset of active customers had their private SSL key compromised, and GoDaddy is currently in the process of issuing and installing new certificates for those affected.nnGoDaddy said that upon discovery, it immediately began to investigate the incident, enlisted the help of a third-party IT forensics firm, and contacted the authorities.It also blocked the hacker from its system.

nn“We are sincerely sorry for this incident and the concern it causes for our customers,” Demetrius Comes, the company’s chief information security officer, said in a news statement, noting that the investigation is ongoing.“We, GoDaddy leadership and employees, take our responsibility to protect our customers’ data very seriously and never want to let them down.We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.”nnGizmodo reached on to GoDaddy on Tuesday to ask for additional information on how the compromised password was obtained and learn more about the additional steps the company was taking to protect its provisioning system.

We’ll make sure to update this blog if we hear back.nn nnn.

Leave a Reply

Your email address will not be published. Required fields are marked *

Next Post

Times Konkona Sen Sharma Got The Assignment

Konkona Sen Sharma is the kind of actor whose on-screen magnetism never fails to charm the audience, and whose interviews and dialogues leave us thoroughly impressed, every single time. Source: Mid-Day An actor par excellence, Sharma has been a part of the Indian film industry for over two decades, won […]
Times Konkona Sen Sharma Got The Assignment

Subscribe US Now