Wednesday, 24 November 2021 11:33

GoDaddy Security breach exposes 1 million email accounts

Written by
GoDaddy Security breach exposes 1 million email accounts REUTERS/Brendan McDermid/File Photo

Users of the web hosting service GoDaddy had their accounts compromised for months before learning about the breach. The attackers were also able to compromise websites’ security certificates.

Hackers targeting GoDaddy were able to access some 1.2 million email addresses affiliated with the domain registrar who used the WordPress web-hosting format, according to a US Securities and Exchange Commission (SEC) disclosure filed on Monday.

The hackers allegedly accessed a “provisioning system” within WordPress by “using a compromised password” associated with the content management system on September 6, interference that wasn’t noticed until two months later.

Upon discovering the breach on November 17, GoDaddy “immediately locked the attacker out,” the web hosting company claimed in the filing, explaining that it subsequently embarked on its own investigation and contacted law enforcement and an unspecified "IT forensics firm."

“We are sincerely sorry for this incident and the concern it causes for our customers,” chief information security officer Demetrius Comes wrote. “We, GoDaddy leadership and employees, take our responsibility to protect customers’ data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.”

Hackers prowling through the data left accessible to anyone with that compromised password were able to view not just the original WordPress admin passwords, but customers’ private SSL keys – best known as the miniature padlock icon used to reassure customers they are operating over a secure connection if they are shopping online, for example.

Comes pledged that the company had reset its main passcodes and was in the process of issuing and installing new SSL certificates, a thorny process given that web hosts are often warned against submitting personal information in response to inquiries from their hosting platforms, lest the inquiry turn out to be a phishing attack.

GoDaddy acknowledged the latter in another SEC filing, complaining of an “increased level” of “social engineering efforts” targeting the company, some of which were apparently successful.

(source)

Last modified on Monday, 04 April 2022 19:58

Latest Comments

Nate Covington posted a comment in Download XMap for Joomla - All Versions Joomla
Hi, I stopped using Xmap years ago. Not sure about your particular error with Hikashop. I suggest ...
Jonathan Brain posted a comment in Download XMap for Joomla - All Versions Joomla
Got these errors with your copy of XMap for Joomla 3.0.x download when upgrading a Joomla / Hikashop...
Nate Covington posted a comment in Simple Drupal Webform (v4) PayPal Integration
@giucas - No, this is a "PayPal" thing. Most likely there IS a way for a user to pay with a guest a...
Joy Lewis posted a comment in Beware of Fraud: Web Design Scam
I had the same issue today, I'm glad I didn't respond it seemed really fishy. Thanks for getting i...
Thanks for this code! The paypal form doesn't allow guest payment (with credit card) but only via pa...

Web Design & Development

Wordpress, Drupal, Joomla
New custom websites
Bespoke themes and extensions
Redesigns, upgrades, migrations

Web Design & Development

Optimization & SEO

Let us optimize and manage your overall online presence. We offer full service monthly SEO as well as one-time projects.  

Optimization Plans & Pricing

Maintenance, Patching

White glove monthly backups, security updates, maintenance and testing for your Wordpress, Drupal, or Joomla site.

Maintenance Plans & Pricing

Stay in Touch!

Bring your web & marketing performance to the next level: monthly blog post roundup via email.  

Try it out