{"id":42613,"date":"2021-11-23T15:47:51","date_gmt":"2021-11-23T15:47:51","guid":{"rendered":"http:\/\/icloud.pe\/blog\/?guid=c6c3e448e208c3193954683fcd3c6624"},"modified":"2021-11-23T15:47:51","modified_gmt":"2021-11-23T15:47:51","slug":"godaddy-data-breach-exposes-over-1-2-million-customer-details","status":"publish","type":"post","link":"https:\/\/icloud.pe\/blog\/godaddy-data-breach-exposes-over-1-2-million-customer-details\/","title":{"rendered":"GoDaddy data breach exposes over 1.2 million customer details"},"content":{"rendered":"<p><span class=\"field field-name-field-author field-type-node-reference field-label-hidden\"><br \/>\n      <span class=\"field-item even\"><a href=\"https:\/\/www.cloudpro.co.uk\/authors\/danny-bradbury\">Danny Bradbury<\/a><\/span><br \/>\n  <\/span><\/p>\n<div class=\"field field-name-field-published-date field-type-datetime field-label-hidden\">\n<div class=\"field-items\">\n<div class=\"field-item even\"><span class=\"date-display-single\">23 Nov, 2021<\/span><\/div>\n<\/p><\/div>\n<\/div>\n<p class=\"short-teaser\">\n<a href=\"https:\/\/www.cloudpro.co.uk\/\" title=\"\" class=\"combined-link\"><\/a><\/p>\n<div class=\"field field-name-body\">\n<p>Hosting company <a href=\"https:\/\/www.itpro.co.uk\/search\/godaddy\" data-cke-saved-href=\"https:\/\/www.itpro.co.uk\/search\/godaddy\">GoDaddy<\/a> has said that around\u00a01.2 million users have been affected by a data breach on its managed <a href=\"https:\/\/www.itpro.co.uk\/search\/wordpress\" data-cke-saved-href=\"https:\/\/www.itpro.co.uk\/search\/wordpress\">WordPress<\/a> hosting service.<\/p>\n<p>The hack is said to have exposed email addresses, customer numbers, administrative login credentials, and in some cases <span class=\"scayt-misspell-word\" data-scayt-word=\"SSL\" data-wsc-lang=\"en_GB\" data-wsc-id=\"kwc9mqxsfp08akxu6\">SSL<\/span> private keys.<\/p>\n<p>The hosting company discovered that an intruder had gained access to its managed <span class=\"scayt-misspell-word\" data-scayt-word=\"WordPress\" data-wsc-lang=\"en_GB\" data-wsc-id=\"kwc9msyvz4kvgg2hp\">WordPress<\/span> hosting environment on Nov 17, it said in a filing with the SEC. The intruder used a stolen password to access the provisioning system for the service.<\/p>\n<p>Up to 1.2 million active and former users of the company&#8217;s managed service\u00a0had their email addresses and customer numbers exposed, the company said, raising the possibility of further <a href=\"https:\/\/www.itpro.co.uk\/search\/phishing\" data-cke-saved-href=\"https:\/\/www.itpro.co.uk\/search\/phishing\">phishing attacks<\/a> to come. The original administrative passwords for the managed <span class=\"scayt-misspell-word\" data-scayt-word=\"WordPress\" data-wsc-lang=\"en_GB\" data-wsc-id=\"kwc9mt1tm7zb5rs81\">WordPress<\/span> accounts were also available to the hacker, putting the accounts themselves at risk if the credentials were still in use.<\/p>\n<p>Also exposed were <span class=\"scayt-misspell-word\" data-scayt-word=\"sFTP\" data-wsc-lang=\"en_GB\" data-wsc-id=\"kwc9mt4vvp5lhx8z2\">sFTP<\/span> and database usernames and passwords, and an undisclosed number of users also had their <span class=\"scayt-misspell-word\" data-scayt-word=\"SSL\" data-wsc-lang=\"en_GB\" data-wsc-id=\"kwc9mt4vaziqryeb3\">SSL<\/span> private keys exposed.<\/p>\n<p><span class=\"scayt-misspell-word\" data-scayt-word=\"GoDaddy\" data-wsc-lang=\"en_GB\" data-wsc-id=\"kwc9mt7wks88r693p\">GoDaddy<\/span> discovered that the intruder had been inside the system since September 6, meaning that the hacker has had access to the data for over two months. It worked with a forensics company upon discovering the incident, and has taken steps\u00a0to safeguard its systems, including changing original administrative passwords that were still in use, resetting <span class=\"scayt-misspell-word\" data-scayt-word=\"sFTP\" data-wsc-lang=\"en_GB\" data-wsc-id=\"kwc9mtaudq8enegb6\">sFTP<\/span> and database passwords, and installing new digital certificates for affected customers.<\/p>\n<p>&#8220;We are sincerely sorry for this incident and the concern it causes for our customers,&#8221; the company said in its filing. &#8220;We, <span class=\"scayt-misspell-word\" data-scayt-word=\"GoDaddy\" data-wsc-lang=\"en_GB\" data-wsc-id=\"kwc9mrslf4xq2kv42\">GoDaddy<\/span> leadership and employees, take our responsibility to protect our customers\u2019 data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.&#8221;<\/p>\n<p>In 2017, the company revoked thousands of <span class=\"scayt-misspell-word\" data-scayt-word=\"SSL\" data-wsc-lang=\"en_GB\" data-wsc-id=\"kwc9msgmgis4p3ro0\">SSL<\/span> certificates after issuing them without proper checks and authorization. In January 2019, an independent researcher found a vulnerability in its process for handling <span class=\"scayt-misspell-word\" data-scayt-word=\"DNS\" data-wsc-lang=\"en_GB\" data-wsc-id=\"kwc9msvsdn0pu3vyw\">DNS<\/span> change requests that enabled hackers to hijack domains and create phishing campaigns. It also notified customers of a hack that exposed SSH login details in the same year. <\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>      Danny Bradbury<\/p>\n<p>        23 Nov, 2021    <\/p>\n<p>      Hosting company GoDaddy has said that around\u00a01.2 million users have been affected by a data breach on its managed WordPress hosting service.<br \/>\nThe hack is said to have exposed email addresses, c&#8230;<\/p>\n","protected":false},"author":636,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-42613","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/42613","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/users\/636"}],"replies":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/comments?post=42613"}],"version-history":[{"count":1,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/42613\/revisions"}],"predecessor-version":[{"id":42614,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/42613\/revisions\/42614"}],"wp:attachment":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/media?parent=42613"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/categories?post=42613"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/tags?post=42613"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}