1.2 million WordPress websites breached, says GoDaddy

GoDaddy warned users that this exposure can put them at greater risk of phishing attacks

1.2 million WordPress websites breached, says GoDaddy

Photo for representation. iStock

New Delhi, November 23

In a huge data breach, global web hosting website GoDaddy has revealed that nearly 1.2 million of its WordPress customers’ sensitive information has been compromised.

In a blog post, GoDaddy’s Chief Information Security Officer (CISO) Demetrius Comes said that they’ve discovered unauthorised access to its managed WordPress servers.

“Up to 1.2 million active and inactive Managed WordPress customers had their email address and customer number exposed. The exposure of email addresses presents risk of phishing attacks,” Comes said late on Monday.

On November 17, the company discovered unauthorised third-party access to our Managed WordPress hosting environment.

“We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement. Using a compromised password, an unauthorised third party accessed the provisioning system in our legacy code base for Managed WordPress,” the company explained.

GoDaddy has warned users that this exposure can put users at greater risk of phishing attacks.

The investigation is ongoing, but “we have determined that, beginning on September 6, 2021, the unauthorised third party used the vulnerability to gain access to the following customer information”, the company informed.

The original WordPress Admin password that was set at the time of provisioning was also exposed.

“If those credentials were still in use, we reset those passwords. For active customers, sFTP and database usernames and passwords were exposed. We reset both passwords,” said GoDaddy.

“We are sincerely sorry for this incident and the concern it causes for our customers. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection,” said Comes. —IANS

Tribune Shorts


Top Stories

Opposition leaders meet Naidu, seek suspension of 12 Rajya Sabha members be revoked

Congress-led opposition walks out of both Houses of Parliament over suspension of 12 MPs

They walk out after Rajya Sabha Chairman M Venkaiah Naidu de...

Omicron scare: 1,000 travellers from African nations landed in Mumbai in last 15 days; 100 tested

Omicron scare: 1,000 travellers from African nations landed in Mumbai in last 15 days; 100 tested

Swab samples were collected of at least 100 travellers out o...

WHO warns that new virus variant poses ‘very high’ risk

WHO warns that new virus variant poses ‘very high’ risk

The assessment from the UN health agency, contained in a tec...

Vinod Dua remains ‘extremely critical and fragile’, says daughter

Vinod Dua remains ‘extremely critical and fragile’, says daughter

Vinod Dua, who was hospitalised with Covid earlier this year...

Long live ‘debate-less’ parliamentary democracy: Chidambaram’s dig at govt

Long live ‘debate-less’ parliamentary democracy: Chidambaram’s dig at govt

Parliament on Monday passed the bill to repeal the three con...

Cities

View All