GoDaddy discovered a data breach where data belonging to 1.2 million WordPress customers was exposed on 17th November 2021.
The company claims to have had unauthorized third-party access on Monday. It gained access to GoDaddy’s systems through a compromised password and exposed email addresses and customer numbers.
Demetrius Comes, GoDaddy’s chief information security officer claimed in his statement to US Securities and Exchange Commission that this unauthorized access was discovered on November 17, 2021, in GoDaddy’s Managed WordPress hosting environment.
On September 6, 2021, an unauthorized third party exploited the vulnerability to gain access to:
Despite no reports of an incident exploiting this data breach, users should still be worried that attackers can use SSL (Secure Socket Layer) credentials to mimic legitimate companies’ domains as part of a larger credential theft attack or even to spread malware.
Concerns also include the possibility of blackmailing businesses, MITM (Man in the Middle) attack, and hijacking domain names.
A team of IT forensics experts, hired by GoDaddy is currently investigating the incident. The cyber specialists reported that the unauthorized party gained access to WordPress customers’ data on 6th September 2021 but, the breach was detected last week.
Moreover, once the breach was identified, the intruder was blocked from GoDaddy’s entire system.