Web hosting company GoDaddy revealed that the email addresses of up to 1.2 million WordPress users had been exposed due to a security breach.
The company said the breach was discovered on Wednesday, 17 November, with the unauthorised third party accessing GoDaddy’s system using a compromised password.
“We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement,” said Demetrius Comes, Chief Information Security Officer at GoDaddy.
“Using a compromised password, an unauthorised third party accessed the provisioning system in our legacy code base for Managed WordPress.”
The investigation is ongoing, and GoDaddy has determined that the unauthorised third party had access to the system from 6 September 2021.
With access to the system, the unauthorised user was able to access the following user information:
- Up to 1.2 million active and inactive Managed WordPress customers’ email addresses and customer numbers were exposed. The exposure of email addresses presents a risk of phishing attacks.
- The original WordPress Admin password was exposed.
- For active customers, sFTP and database usernames and passwords were exposed.
- For a subset of active customers, the SSL private key was exposed.
GoDaddy said it had taken steps to reset the exposed passwords and SSL private keys and is already working to strengthen its system with additional layers of protection.