Several GoDaddy brands impacted in recent data breach
Latest in cybersecurity.
Recently disclosed data breach impacted several of its brands, including Domain Factory, Heart Internet, Host Europe, Media Temple, tsoHost and 123Reg.
Recently GoDaddy has disclosed a data breach that impacted up to 1.2 million of its customers, threat actors breached the company’s Managed WordPress hosting environment.
Threat actors compromised the company network since at least September 6, 2021, but the security breach was only discovered by the company on November 17.
The intruders used a compromised password to access the provisioning system in the company’s legacy code base for Managed WordPress. The initial investigation revealed that attackers exploited a vulnerability to gain access to the following customer information:
- Up to 1.2 million active and inactive Managed WordPress customers had their email address and customer number exposed. The exposure of email addresses presents risk of phishing attacks.
- The original WordPress Admin password that was set at the time of provisioning was exposed. If those credentials were still in use, we reset those passwords
- For active customers, sFTP and database usernames and passwords were exposed. We reset both passwords.
- For a subset of active customers, the SSL private key was exposed. We are in the process of issuing and installing new certificates for those customers.
Once identifying the intrusion, the company immediately locked the unauthorized third party out of its system.
via Security Affairs https://ift.tt/2ISWpiN
November 25, 2021 at 07:06AM