One of the oldest players in the hosting industry, GoDaddy reported that recently the threat actors exposed its 1.2 million user accounts. The compromised data includes the email address and numbers of its 1.2 million clients. GoDaddy’s Managed WordPress hosting environment was breached to compromise the user data.
The company has also filed a report about the data breach with the Securities and Exchange Commission.
The hosting company added that in September, a third party got access to the system using a compromised password.
Demetrius Comes, GoDaddy Chief Information Security Officer said that they observed an unusual activity going on within their Managed WordPress hosting and immediately carried an investigation with the assistance of an IT forensic company and contacted law enforcement.
After the investigation had been carried out, GoDaddy blocked the illegitimate third party from accessing its system.
Want to read more about web hosting news? Signup for our newsletter and get the latest updates from prominent web hosting industries.
Meanwhile, the company has reset the original WordPress Admin password and also has reset the sFTP and WordPress database usernames and passwords after the exposure.
The SSL private key was also exposed during the attack. So, the company will have to issue and install new certificates for those clients.
Mr. Comes said that they are extremely sorry for the misfortunate incident and the trouble it brings to its clients. He further said that GoDaddy takes their responsibilities to safeguard their client’s data and doesn’t want to disappoint them. They will learn from this data breach and will take the necessary steps to tighten their provisioning system with extra protection layers.
Want to read more about web hosting news? Signup for our newsletter and get the latest updates from prominent web hosting industries.