GoDaddy Data Breach: Over 1 Million Accounts Exposed

GoDaddy Reports Data Breach Affecting 1.2 Million Customers

GoDaddy, a leading web hosting provider, has announced a significant data breach. The company is notifying approximately 1.2 million customers that their data may have been compromised.

Unauthorized System Access

According to a filing with the Securities and Exchange Commission, Demetrius Comes, GoDaddy’s chief information security officer, revealed that unauthorized access was detected within the company’s systems. These systems are utilized for hosting and managing WordPress servers for its clientele.

WordPress serves as a widely-used, web-based content management system, empowering millions to establish blogs and websites. GoDaddy provides a service allowing customers to host their individual WordPress installations on its servers.

Breach Details and Timeline

The unauthorized access occurred around September 6th, facilitated by a compromised password. However, the breach wasn't discovered until November 17th. It remains uncertain whether two-factor authentication was enabled on the affected account.

The incident impacts both active and inactive managed WordPress users, totaling 1.2 million individuals. Exposed data includes email addresses and customer numbers, potentially increasing the risk of phishing attacks.

Specific Data Compromised

Furthermore, the original WordPress admin passwords, established during initial WordPress installation, were also exposed. These passwords could grant access to a customer’s WordPress server.

Active customers experienced a broader scope of data exposure. This included their sFTP credentials – used for file transfers – and the usernames and passwords for their WordPress databases, which contain all user-generated content.

In certain instances, the customer’s SSL (HTTPS) private key was also compromised. Exploitation of this key could enable an attacker to impersonate a customer’s website or associated services.

GoDaddy’s Response

GoDaddy has taken steps to mitigate the damage, including resetting customer WordPress passwords and private keys. The company is also actively issuing new SSL certificates.

With a global customer base exceeding 20 million, this breach represents a substantial security incident. Dan Race, a GoDaddy spokesperson, declined to provide further comment due to the ongoing investigation.

Further Reading

• Hostinger data breach: May affect 14 million customers.
• Epik security flaw: Warnings issued weeks prior to a successful hack.
• Web hosting vulnerabilities: Simple account takeover hacks exploited on major sites.

This article was updated to reflect a declined comment from GoDaddy.