GoDaddy confirmed more than one million users' data were exposed after it was the victim of a malicious hacking incident.
On September 6th, an "unauthorized third party" accessed the Managed WordPress system in GoDaddy's IT infrastructure. It was more than two months before the company realized the breach had happened.
From there, the hacker was able to steal customer numbers and emails, the WordPress Admin password, and other sensitive details from clients who had both active and inactive WordPress sites.
GoDaddy responds to data breach
GoDaddy's Chief Information Security Officer (CISO) Demetrius Comes said once the breach was detected, GoDaddy contacted authorities immediately and blocked the third-party user, determined to be a malicious hacker.
"We are sincerely sorry for this incident and the concern it causes for our customers. We, GoDaddy leadership and employees, take our responsibility to protect our customers' data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection," Comes said in a blog post.
In the post, Comes also confirmed the following were compromised:
• email addresses
• customer numbers
• active customers: sFTP and database usernames and passwords
• some active customers: SSL private key
The company sent an email alerting customers to the security breach. In the email, GoDaddy said it reset passwords and, in some cases, revoked SSL certificates.
According to other sources, GoDaddy did not discover the breach for more than two months after it happened.
Customers who have been impacted by the breach can visit the help center online at godaddy.com/help for contact information by region.
Third GoDaddy breach in four years
Many on social media were quick to comment on other breaches connected to GoDaddy servers, which made some question the security of the web hosting company.
PSA:
Friends don't let friends use WordPress
Friends don't let friends use GoDaddy https://t.co/4xqLNy7CqD
— Troy Forster (@tforster) November 22, 2021
Another customer commented that it felt like GoDaddy was unapologetic.
wow, GoDaddy letter to affected customers really does feel like doing the absolute bare minimum to deal with the huge security breach and then shrugging; hope there's another page of actual apology and serious improvement https://t.co/nmKoTnvQUJ
— Mary Branscombe (@marypcbuk) November 23, 2021
This is the third data breach GoDaddy has experienced since 2018.
- In 2018, GoDaddy was connected to a data leak when an Amazon Web Services (AWS) spreadsheet was exposed.
- Another malicious hacker compromised 28,000 customers' hosting sites in 2020.
What are your thoughts about this breach? Where has GoDaddy gone wrong with its security measures? Share your comment below.