In a huge
data breach, global web hosting platform
GoDaddy has revealed that nearly 1.2 million of its
WordPress customers' sensitive information has been compromised.
In a blog post, GoDaddy's Chief Information Security Officer (CISO) Demetrius Comes said that they've discovered unauthorised access to its managed WordPress servers.
"Up to 1.2 million active and inactive Managed WordPress customers had their email address and customer number exposed. The exposure of email addresses presents risk of phishing attacks," Comes said late on Monday.
Transform talent with learning that worksCapability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More On November 17, the company discovered unauthorised third-party access to our Managed WordPress hosting environment.
"We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement. Using a compromised password, an unauthorised third party accessed the provisioning system in our legacy code base for Managed WordPress," the company explained.
GoDaddy has warned users that this exposure can put users at greater risk of phishing attacks.
The investigation is ongoing, but "we have determined that, beginning on September 6, 2021, the unauthorised third party used the vulnerability to gain access to the following customer information", the company informed.
The original WordPress Admin password that was set at the time of provisioning was also exposed.
"If those credentials were still in use, we reset those passwords. For active customers, sFTP and database usernames and passwords were exposed. We reset both passwords," said GoDaddy.
"We are sincerely sorry for this incident and the concern it causes for our customers. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection," said Comes.
SEE ALSO:Google Play Store to get “Offers” tab for limited-time deals on apps and gamesMeta is delaying end-to-end encryption for Facebook Messenger and Instagram until 2023 — here’s why
Next Story
Colon cancer rates are rising in young people. If you have two symptoms you should get a colonoscopy, a GI oncologist says.
I spent $2,000 for 7 nights in a 179-square-foot room on one of the world's largest cruise ships. Take a look inside my cabin.
An Ambani disruption in OTT: At just ₹1 per day, you can now enjoy ad-free content on JioCinema
IMD predicts severe heatwave conditions over East, South Peninsular India for next five days
COVID lockdown-related school disruptions will continue to worsen students’ exam results into the 2030s: study
India legend Yuvraj Singh named ICC Men's T20 World Cup 2024 ambassador
Maruti Suzuki Q4 net profit rises 47.8% to ₹3,877.8 crore
10 Incredible destinations for backpackers in India
