Close Menu
Innovation Village | Technology, Product Reviews, Business
    Facebook X (Twitter) Instagram
    Tuesday, May 20
    • About us
      • Authors
    • Contact us
    • Privacy policy
    • Terms of use
    • Advertise
    • Newsletter
    • Post a Job
    • Partners
    Facebook X (Twitter) LinkedIn YouTube WhatsApp
    Innovation Village | Technology, Product Reviews, Business
    • Home
    • Innovation
      • Products
      • Technology
      • Internet of Things
    • Business
      • Agritech
      • Fintech
      • Healthtech
      • Investments
        • Cryptocurrency
      • People
      • Startups
      • Women In Tech
    • Media
      • Entertainment
      • Gaming
    • Reviews
      • Gadgets
      • Apps
      • How To
    • Giveaways
    • Jobs
    Innovation Village | Technology, Product Reviews, Business
    You are at:Home»Cybercrime»GoDaddy security breach exposed over a million WordPress users’ data
    GoDaddy

    GoDaddy security breach exposed over a million WordPress users’ data

    0
    By Tapiwa Matthew Mutisi on November 23, 2021 Cybercrime, Cybersecurity, Data Protection, Information Technology, News, Security

    According to a disclosure it filed with the Security and Exchanged Commission (SEC) on Monday, web hosting company GoDaddy Inc said email addresses of up to 1.2 million active and inactive Managed WordPress customers had been exposed in an unauthorized third-party access.

    GoDaddy’s chief information security officer Demetrius Comes said the company detected unauthorized access to its systems where it hosts and manages its customers’ WordPress servers. WordPress is a web-based content management system used by millions to set up blogs or websites. GoDaddy lets customers host their own WordPress installs on their servers.

    GoDaddy acquires South African social content startup, Over

    The company says the attacker gained access to a provisioning system meant to set up and automatically configure new sites when customers create them in early September by “using a compromised password.” GoDaddy says that it noticed the intrusion on November 17th and immediately locked the attacker out before beginning an investigation and contacting law enforcement.

    The hackers had access to more than just the email addresses — they could also see the original WordPress admin passwords set by the provisioner, as well as the credentials for active users’ databases and sFTP systems. The company also says that some customers had their private SSL keys exposed, which are responsible for proving that a website is who it says it is (powering the little lock icon you often see in your browser’s address bar).

    According to GoDaddy, it’s working to mitigate the issues by resetting affected passwords and regenerating security certificates if needed. The company also says that it’s “contacting all impacted customers directly with specific details.” While those seem like appropriate steps, having to deal with a reset password will probably be a nuisance for some of its users.

    In recent intrusions at other companies, phishing or social engineering has been to blame though there have also been instances of simply poor password security. GoDaddy itself has some pretty upsetting history with testing its employees’ cybersecurity awareness when it comes to fake emails, but attackers really only need to get lucky once to access treasure troves of data.

    Related

    cybercrime CYbersecurity Data Protection Email Addresses GoDaddy Information technology Security breach WordPress
    Share. Facebook Twitter Pinterest LinkedIn Email
    Tapiwa Matthew Mutisi
    • Facebook
    • X (Twitter)
    • LinkedIn

    Tapiwa Matthew Mutisi has been covering blockchain technology, intelligent technologies, cryptocurrency, cybersecurity, telecommunications technology, sustainability, autonomous vehicles, and other topics for Innovation Village since 2017. In the years since, he has published over 4,000 articles — a mix of breaking news, reviews, helpful how-tos, industry analysis, and more. | Open DM on Twitter @TapiwaMutisi

    Related Posts

    Grok 3 Lands on Microsoft Azure: A Powerful New AI Model with Enterprise-Grade Muscle

    MTN Nigeria Sues 20 Banks Over SleekChip Debt

    Bill Masuku’s Multiversal Mandela Effect

    Leave A Reply Cancel Reply

    You must be logged in to post a comment.

    Copyright ©, 2013-2024 Innovation-Village.com. All Rights Reserved

    Type above and press Enter to search. Press Esc to cancel.