WBig data breach at GoDady hosting giant GoDady. This was reported by the company itself. The company claims that 1.2 million users’ data has been leaked to the Internet and is now available to anyone.

In a filing with the Securities and Exchange Commission, Godaddy’s chief information security officer, Demetrius Cummins, said the hacking had been detected on customers’ WordPress servers. Godadi says this provides an opportunity to gain access to systems that host and control multiple sites. WordPress is a web-based content management system used by millions of people to set up blogs or websites. This is where a serious data breach is found. Godadi allows users to install their own WordPress on their servers.

Godadi said that by September 6, an unauthorized person had used a stolen password to gain access to his systems. The violation was discovered on November 17 last week. It is not clear whether the password was used with two-factor authentication.

The company claims that this security breach affects 1.2 million active and inactive management WordPress users, and that their email addresses and customer numbers have been exposed. Godadi said the leak could increase the risk of phishing attacks on users. They also reveal that the original WordPress admin password that can be used to access a customer’s WordPress server has now been revealed.

The company claims that the FTP credentials (for file transfers) and the usernames and passwords of their WordPress databases that store all of the users’ content have been compromised. In some cases, the customer’s SSL private key has been exposed, allowing the attacker to impersonate a customer’s website or services if misused. Godadi said it was resetting the customer’s WordPress passwords and private keys and was in the process of issuing new SSL certificates.

Last Updated on November 24, 2021 6:41 PM IST