1. US rules out bailout for Silicon Valley Bank, auctions reportedly underway 2. Apple CEO Tim Cook backs AR/VR headset, likely to launch this year 3. Infosys’ Mohit Joshi joins Tech Mahindra as MD and CEO

1.2 mn WordPress websites breached, says GoDaddy

Spread the love

In a huge data breach, global web hosting platform GoDaddy has revealed that nearly 1.2 million of its WordPress customers’ sensitive information has been compromised.

In a blog post, GoDaddy’s Chief Information Security Officer (CISO) Demetrius Comes said that they’ve discovered unauthorised access to its managed WordPress servers.

“Up to 1.2 million active and inactive Managed WordPress customers had their email address and customer number exposed. The exposure of email addresses presents risk of phishing attacks,” Comes said late on Monday.

On November 17, the company discovered unauthorised third-party access to our Managed WordPress hosting environment.

Claim Free Bets

“We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement. Using a compromised password, an unauthorised third party accessed the provisioning system in our legacy code base for Managed WordPress,” the company explained.

GoDaddy has warned users that this exposure can put users at greater risk of phishing attacks
.
The investigation is ongoing, but “we have determined that, beginning on September 6, 2021, the unauthorised third party used the vulnerability to gain access to the following customer information”, the company informed.

The original WordPress Admin password that was set at the time of provisioning was also exposed.

“If those credentials were still in use, we reset those passwords. For active customers, sFTP and database usernames and passwords were exposed. We reset both passwords,” said GoDaddy.

“We are sincerely sorry for this incident and the concern it causes for our customers. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection,” said Comes.

    THE FREE MEDIA

    THE FREE MEDIA

    All Posts

    Related Post

    View All

    Google to develop its spanking new AR headset, with ...

    January 24th, 2022 | NISHA HIRANI

    Spread the loveGoogle secretly aiming to release its spick and span augmented reality (AR) headset by 2024. The project is...

    WhatsApp adopts 500 Indian villages to promote digit...

    December 17th, 2021 | THE FREE MEDIA

    Spread the loveMeta-owned WhatsApp on Wednesday announced its pilot programme of adopting 500 villages across Karnataka an...

    Instagram to ‘double down’ on video, foc...

    January 1st, 2022 | THE FREE MEDIA

    Spread the loveIn a video message, Meta-owned photo-sharing platform Instagram’s head Adam Mosseri said that the pla...