New Delhi : , Nov 23, 2003 – GoDaddy, a global web hosting company, has disclosed that almost 1.2 Million WordPress customers have had their sensitive data compromised.
Demetrius Comes, GoDaddy’s Chief information Security Officer (CISO), stated in a blog that unauthorized access was discovered to managed WordPress servers.
Email addresses and customer numbers of up to 1.2million active Managed WordPress customers were exposed.Comes stated late Monday that the exposure of email addresses poses a risk for phishing attacks.
The company found unauthorised access by third parties to Managed WordPress hosting environments on November 17.
We discovered suspicious activity within our Managed WordPress hosting environment.With the assistance of IT forensics firms, we immediately started an investigation and reached out to law enforcement.The company stated that an unauthorised third-party accessed our Managed WordPress provisioning system using a compromised password.
GoDaddy warns users about the possibility of being hacked.
Although the investigation continues, “we have determined, starting on September 6, 2021 that the unauthorised third-party used the vulnerability in order to gain access the following customer information,” the company stated.
It was also revealed that the original WordPress Admin password, which was used at provisioning time, was also available.
We reset passwords if these credentials are still being used.
Passwords and usernames for active customers were revealed via sFTP or database.GoDaddy stated that both passwords were reset.
We are deeply sorry for the inconvenience caused to our customers by this incident.Comes said that they will take the lessons from this experience and have already begun to improve our protection system by adding additional layers.
na/ksk/
#GoDaddy #WordPress #sites #breached #Delhi
