GoDaddy, the web hosting company, and one of the largest domain registrars identified a third party unauthorized access. In this huge data breach, the website said that nearly 1.2 million word press customers’ email addresses and customer number data have been compromised.
A risk of phishing attacks is been ruled since there was an exposure of email addresses, where cybercriminals send emails to users to seek other important details from them. The company’s Chief Information Security Officer Demetrius Comes said that since the suspicious activity was identified, they immediately began an investigation with the help of an IT forensic firm. They even contacted law enforcement.
He explained that using a compromised password, the provisioning system in their legacy code for managed Word Press hosting environment. This third-party breach is likely to have begun on September 6th, 2021, almost 2 months before GoDaddy discovered it.
Also, the original WordPress admin password was compromised that was set at the time of provisioning. They have reset the credentials though. For active users, their secure file transfer protocol passwords and usernames were exposed. Also, SSL private key was exposed and GoDaddy is in the process of issuing and installing new certificates for their customers.
The company said that it is contacting all of its affected customers and also customers too can contact them via its help center which includes phone numbers according to country. The company in a statement, addressed to US Securities and Exchange Commission, apologized for the incident and took the responsibility of protecting its customer data. They have already taken steps to strengthen their provisioning system by adding additional layers of protection to avoid any such breaches in the future.
GoDaddy said that the investigation is still going on and there are no reports of any incident taking advantage of this security breach.
