SecureWorld News

GoDaddy Incident Leaks Data of More than 1 Million WordPress Customers

Written by SecureWorld News Team | Wed | Nov 24, 2021 | 5:35 PM Z

GoDaddy confirmed more than one million users' data were exposed after it was the victim of a malicious hacking incident. 

On September 6th, an "unauthorized third party" accessed GoDaddy's Managed WordPress in the IT infrastructure. And it was more than two months before they realized the breach had happened. 

From there, the hacker was able to steal customer numbers and emails, the WordPress Admin password, and other sensitive details from clients who had both active and inactive WordPress sites. 

GoDaddy responds to data breach

GoDaddy's Chief Information Security Officer (CISO) Demetrius Comes said once the breach was detected, GoDaddy contacted authorities immediately and blocked the third-party user, determined to be a malicious hacker. 

"We are sincerely sorry for this incident and the concern it causes for our customers. We, GoDaddy leadership and employees, take our responsibility to protect our customers' data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection," Comes said in a blog post

In the post, Comes also confirmed the following were compromised:

• email addresses
• customer numbers
• active customers: sFTPs, database usernames, and passwords
• some active customers: SSL private key

The company sent an email alerting customers to the security breach. In the email, GoDaddy said it reset passwords and, in some cases, revoked SSL certificates. 

According to other sources, GoDaddy did not discover the breach for more than two months after it happened. 

Customers who have been impacted by the breach can visit the help center online at godaddy.com/help for contact information by region.

Third GoDaddy breach in four years

Many on social media were quick to comment on other breaches connected to GoDaddy servers, which made some question the security of the web hosting company. 

Another customer commented that it felt like GoDaddy was unapologetic.

This is the third data breach GoDaddy has experienced since 2018. 

  • In 2018, GoDaddy was connected to a data leak when an Amazon Web Services (AWS) spreadsheet was exposed. 
  • Another malicious hacker compromised 28,000 customers' hosting sites in 2020. 

What are your thoughts about this breach? Where has GoDaddy gone wrong with its security measures? Share your comment below. 

Resource 

Check out SecureWorld's conferences  to learn more about cybersecurity best practices for various topics.