Date: 2021-11-23

Hosting giant GoDaddy has reported a data breach to US financial regulators and warns that data from 1.2 million customers may have been accessed.

In a filing with the Securities and Exchange Commission, GoDaddy’s director of information security, Demetrius Comes, said the company had detected unauthorized access to the systems where it hosts and manages its customers’ WordPress servers.

WordPress is a web-based content management system used by millions to create blogs or websites. GoDaddy allows customers to host their own WordPress installations on their servers.

GoDaddy said the unauthorized person used a compromised password to gain access to GoDaddy systems around 6 September. GoDaddy said it discovered the breach last week, on November 17th. It is unclear whether the compromised password was protected with two-factor authentication.

The filing says the breach affects 1.2 million WordPress users, active and inactive, whose email addresses and customer numbers were exposed. GoDaddy said this exposure could put users at greater risk of phishing attacks. The host also said that the original WordPress admin password, created when WordPress was first installed and usable to access a customer’s WordPress server, was also exposed.

The company said active customers had their sFTP credentials (for file transfers) and the usernames and passwords of their WordPress databases, which store all user content, exposed in the breach. In some cases, the customer’s SSL (HTTPS) private key was exposed, which, if abused, could allow an attacker to impersonate that customer’s website or services.

GoDaddy said it is resetting WordPress passwords and customers’ private keys, and is in the process of replacing SSL certificates with new ones.

The web host has more than 20 million customers across the world. A spokesperson for GoDaddy didn’t immediately comment.