Data breaches and privacy hacks have become a worldwide concern in the 21st century. With every passing day, growing concerns of cyberattacks and phishing attacks are on the verge. Moreover, the easier and swift access to the internet had made it easier for hackers to invade the data privacy of users with utmost ease.
In a piece of recent news, global domain registrar and web hosting company GoDaddy revealed that it recently suffered a data breach in which the user data of 1.2 million of its customers have been accessed and compromised.
Compromised User Data
According to the company’s chief information security officer Demetrius Comes, an unauthorized third party had gained access to its managed WordPress hosting environment.
In a blog post, Chief Information Officer Demetrius stated that they have discovered unauthorized access to its managed WordPress servers. As per reports by the company, an unauthorized person gained access to its systems around September 6 through a compromised password. However, it was not until last week on November 17 that the company discovered the breach.
On 22 Nov 2021, Comes remarked “Up to 1.2 million active and inactive Managed WordPress customers had their email address and customer number exposed. The exposure of email addresses presents risk of phishing attacks.” Upon further investigation, the company identified suspicious activity in its Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics and contacted law enforcement. It further explained that “Using a compromised password, an unauthorized third party accessed the provisioning system in our legacy code base for Managed WordPress.”
Recoveries and Strengthening Security
Go Daddy further added that the original WordPress Admin password that was set at the time of provisioning was also exposed. It clarified that in case those credentials were still in use, the company reset those passwords. However, for active customers, sFTP and database usernames and passwords were exposed, and Go Daddy has reset both passwords. The company has also warned users that this exposure can put users at greater risk of phishing attacks.
Issuing a statement of apology, Comes stated, “We are sincerely sorry for this incident and the concern it causes for our customers. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.”
Go Daddy’s History of Breaches
The latest WordPress data breach accounts as Go Daddy’s recent security breach in the past few years. In 2018, an AWS error exposed data on GoDaddy servers, and in 2020, 28,000 user accounts were breached by an unauthorized individual. Moreover, in 2020, GoDaddy was also referenced as part of a hack that took down a number of sites in the cryptocurrency space.
For further reference, WordPress is a content management system (CMS) used by millions of site owners worldwide to set up blogs and websites and like other hosting providers, GoDaddy offers WordPress hosting in addition to shared hosting, VPS hosting, dedicated servers, and more. The web host has more than 20 million customers worldwide.