A popular web hosting provider and domain registrar, GoDaddy, recently fell prey to a serious data breach which led to the data of 1.2 million GoDaddy Customers being exposed. It was around November of this year that the GoDaddy data breach was discovered.
A brief on the GoDaddy data breach
Chief Information Security Officer, Demetrius Comes, gave a public statement after the data breach was discovered. This is what they explained to the US Securities and Exchange Commission. On November 17th, GoDaddy’s managed WordPress hosting environment showed signs of suspicious activity. It later turned out to be a threat actor who was using a compromised password to gain illegal access to the system.
Around 1.2 million active and inactive Managed WordPress customers had their critical information like email addresses and customer numbers at the mercy of this hacker. The infiltrators also got their hands on the WordPress Admin password for these accounts, along with the SFTP database credentials (for active customers). The hacker(s) also got access to the SSL private key for some of these 1.2 million customers.
Soon after the GoDaddy data breach came to light, the hosting provider partnered up with an IT forensics team to investigate the hack. Further, GoDaddy swiftly updated the credentials and SSL certificates for the accounts whose information was leaked.
Although the breach was due to security inefficiencies at GoDaddy, the company is not offering any free protection against the further cyber attacks that may be launched, now that so many email addresses have been leaked.
Comes concludes the disclosure by stating:
“We are sincerely sorry for this incident and the concern it causes for our customers. We, GoDaddy leadership and employees, take our responsibility to protect our customers’ data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.”
The statement further added that while the company’s investigation is ongoing, they are contacting all impacted customers directly with specific details.
More IT and security resources and updates.