GoDaddy, which specializes in managing domain names and providing web hosting services, has reported that the data of 1.2 million of its WordPress customers has been exposed because of a word compromised password.

GoDaddy discovered an intrusion into the WordPress hosting environment on November 17th.

This environment is used for creating and managing WordPress sites with online storage space.

Preliminary investigation showed that the data exposure began on September 6.

Compromised passwords, usernames and emails

1.2 million WordPress managers on GoDaddy had their email address, customer number, administrator password, username and sFTP password compromised. Some customers have also had their SSL key, the security protocol that encrypts data transmitted over the Web, made public.

"We sincerely regret this incident and the concerns it raises among our customers," said Demetrius Comes, general manager of information security at GoDaddy, in a statement.

As leaders and employees of GoDaddy, we take responsibility for protecting our customer's data, we do it very seriously, and we don't want to let it down.

We will learn a lesson from this incident, we are already taking the necessary steps to strengthen our system with a few additional layers of protection.

"

Malware possibly installed on certain sites

Once the threat was detected, GoDaddy initially revoked the cracked passwords.

The company then reset the administrator credentials of clients that were in use, reset sFTP passwords, and issued and installed new certificates to respond to the SSL exposure.

GoDaddy is currently contacting customers who have viewed the exposed data.

A support page has also been set up with a toll-free number.

The consequences of this hacking are numerous: sale of data, targeted phishing, etc. Access to sFTPs and databases could also have enabled hackers to install malicious software on the sites concerned.

They could remain active and manageable even after the password change.

For the moment, the origin of the hack has not been identified.

High-Tech

Cybersecurity: Vulnerability affects nearly 40% of Android phones worldwide

High-Tech

IT: Find out the worst passwords used in France in 2021

  • Phishing

  • Password

  • Cybersecurity

  • Cyber ​​attack

  • Cybercriminality

  • High-Tech

  • Personal data

  • Computer science

  • 0 comment

  • 0 share

    • Share on Messenger

    • Share on Facebook

    • Share on twitter

    • Share on Flipboard

    • Share on Pinterest

    • Share on Linkedin

    • Send by Mail

  • To safeguard

  • A fault ?

  • To print