GoDaddy, one of the leading domain and hosting providers has been hit by another cyberattack, and this time putting the details of 1.2 million WordPress users at risk.
The previous hacking attack on GoDaddy was in April 2020, where 28,000 GoDaddy accounts were exposed. Now, the number of affected WordPress accounts is way more. It’s 1.2 million now. Demetrius Comes, GoDaddy’s Chief Information Security Officer shared the news of the attack with the US Securities and Exchange Commission.
Demetrius Comes apologies in his statement. “We are sincerely sorry for this incident and the concern it causes for our customers. We, GoDaddy leadership and employees, take our responsibility to protect our customers’ data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.”
On November 17, the staff noticed a suspicious activity where a third-party user was trying to login through a compromised password. This incident exposed the email addresses, WordPress Admin password, sFTP database username and password, and SSL private key of 1.2 million inactive and active Managed WordPress customers.
GoDaddy now involved IT forensics and law enforcement to investigate the matter. Several WordPress database passwords are being reset and new SSL certificates are being issued to the affected users.
“We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement. Using a compromised password, an unauthorized third party accessed the provisioning system in our legacy code base for Managed WordPress.”
I have said earlier that the hackers need to break in just once to be successful. Their one attack breaks our multilayered protection from cyber attacks.
Effects of Such Cyberattacks
As so many data variables are in the wrong hands, the attackers can use them in multiple ways
- Email address leaks lead to email phishing attacks
- SSL certificate password leaks lead to domain mimicking which can lead to malware spreading
- Any sort of data leak may lead to blackmailing or ransomware threats.
If you want to improve your website security on all ends, do read the below blogs on cybersecurity