GoDaddy Managed WordPress hosting customers suffered a data breach. Passwords have been reset but effects may still be persist
Over one million GoDaddy hosting customers suffered a data breach in September 2021 that went unnoticed for two months. GoDaddy described the security event as a vulnerability. Security researchers indicate that the cause of the vulnerability was due to inadequate security that did not meet industry best practices.
The statement by GoDaddy announced that they have changed passwords for the affected customers of their WordPress Managed Hosting.
However simply changing passwords does not completely fix possible problems left behind by hackers, which means that up to 1.2 million GoDaddy hosting customers may remain affected by security issues.
Who is Affected And How
GoDaddy’s statement says that up to 1.2 million customers of their WordPress managed hosting environment may be affected by the security breach.
According to the statement to the SEC the data breach was due to a compromised password in their provisioning system.
A provisioning system is the process for setting up customers with their new hosting services, by assigning them server space, usernames and passwords.
GoDaddy Customer data that was exposed:
- Email addresses
- Customer numbers
- Original WordPress administrator level passwords
- Secure FTP (SFTP) usernames and passwords
- Database usernames and passwords
- SSL private keys
Millions of #GoDaddy customer data compromised in breach.
List of steps to take to lock down an account
#GoDaddy has provided a good list of steps to take to lock down an account that might be potentially compromised:
🔐Change your password and your PIN
🔐Enable two-factor authentication (2FA) if you haven’t already
🔐Change the payment methods you have stored in your account, and delete those you don’t use. It would also be good to keep an eye on your bank account transactions and be ready to flag those that are fraudulent.
🔐Remove delegate access for anyone you’ve allowed into your account
🔐Remove any unknown API keys by deleting them.
🔐Verify your domain contact information is correct to avoid someone taking it over
🔐Remotely log out of your GoDaddy account, which will sign you out of all devices and browsers.
Stay safe!
References.
Citations
https://www.sec.gov/Archives/edgar/data/1609711/000160971121000122/gddyblogpostnov222021.htm