Wednesday, 24 November 2021 11:33

GoDaddy Security breach exposes 1 million email accounts

GoDaddy Security breach exposes 1 million email accounts REUTERS/Brendan McDermid/File Photo

Users of the web hosting service GoDaddy had their accounts compromised for months before learning about the breach. The attackers were also able to compromise websites’ security certificates.

Hackers targeting GoDaddy were able to access some 1.2 million email addresses affiliated with the domain registrar who used the WordPress web-hosting format, according to a US Securities and Exchange Commission (SEC) disclosure filed on Monday.

The hackers allegedly accessed a “provisioning system” within WordPress by “using a compromised password” associated with the content management system on September 6, interference that wasn’t noticed until two months later.

Upon discovering the breach on November 17, GoDaddy “immediately locked the attacker out,” the web hosting company claimed in the filing, explaining that it subsequently embarked on its own investigation and contacted law enforcement and an unspecified "IT forensics firm."

“We are sincerely sorry for this incident and the concern it causes for our customers,” chief information security officer Demetrius Comes wrote. “We, GoDaddy leadership and employees, take our responsibility to protect customers’ data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.”

Hackers prowling through the data left accessible to anyone with that compromised password were able to view not just the original WordPress admin passwords, but customers’ private SSL keys – best known as the miniature padlock icon used to reassure customers they are operating over a secure connection if they are shopping online, for example.

Comes pledged that the company had reset its main passcodes and was in the process of issuing and installing new SSL certificates, a thorny process given that web hosts are often warned against submitting personal information in response to inquiries from their hosting platforms, lest the inquiry turn out to be a phishing attack.

GoDaddy acknowledged the latter in another SEC filing, complaining of an “increased level” of “social engineering efforts” targeting the company, some of which were apparently successful.

(source)

Last modified on Monday, 04 April 2022 19:58
Comments (0)
There are no comments posted here yet
Leave your comments
Posting as Guest
×
Suggested Locations

Latest Comments

Got a similar email that seemed suspicious. Ignored it and they even followed up today.
My organization received one of these emails from "Linda," but uses https://www.bestprosintown.com/p...
Hi Nate, I got the same email template from the same email address today and found you through a ...
Just received one today (16 Aug 2022) from "Mailchimp". Thanks for sharing!
Thanks for posting this. I just got one today. I was 99% sure it was a scam, and your post confirmed...


Design & Development

Wordpress, Drupal, Joomla
New custom websites
Bespoke themes and extensions
Redesigns, upgrades, migrations

Web Design & Development


Optimization & SEO

Let us optimize and manage your overall online presence. We offer full service monthly SEO as well as one-time projects.  

Optimization Plans & Pricing


Maintenance, Patching

White glove monthly backups, security updates, maintenance and testing for your Wordpress, Drupal, or Joomla site.

Maintenance Plans & Pricing


Email Newsletter

Bring your web & marketing performance to the next level: monthly blog post roundup via email.  

Stay in Touch!