A hacker gained access to the personal information of more than 1.2 million customers of GoDaddy’s WordPress hosting service, the Internet infrastructure company said.
“GoDaddy has identified a security incident that may have impacted approximately 1% of GoDaddy’s customer accounts,” according to SEC filings made earlier today.
GoDaddy data breach: The company has already reset FTP and database passwords
According to the later inquiry, a hacker had access to its servers for more than two months, beginning on September 6.
According to the investigation's findings so far, the hacker was able to access the following data:
- Approximately 1.2 million active and inactive Managed WordPress customers had their email addresses and client numbers compromised.
- The original WordPress Admin password that GoDaddy issued to customers when a site was created.
- Active customers had their sFTP and database usernames and passwords exposed.
- For a subset of active customers, the SSL private key was exposed.
According to GoDaddy, the company has already reset FTP and database passwords that were stolen in the breach. Customers who were still utilizing the default password that GoDaddy provided when their sites were launched had their admin account passwords reset.
The firm said it is still in the process of issuing and installing new SSL certificates for clients that were affected, which is a little more challenging than resetting passwords.
According to GoDaddy, it has contacted law enforcement and is working with an IT forensics firm to investigate the situation further. Customer notifications have also been sent out today, according to two site owners.
“We are sincerely sorry for this incident and the concern it causes for our customers.”
-Demetrius Comes, Chief Information Security Officer at GoDaddy.
This is the firm’s second breach in two years; in early 2020, a hacker gained access to some clients’ SSH accounts.