Are you a GoDaddy customer? Do you maintain a WordPress blog with the company?
If so be advised that the company recently announced a breach of their network. An as yet unidentified third party accessed GoDaddy's Managed WordPress hosting environment.
Based on the investigation to date the intrusion began on September 6, 2021. While taking advantage of a vulnerability the company was unaware of at the time the unknown attacker was able to gain access to a variety of information.
The information taken includes:
- The email addresses and customer numbers of more than 1 million Managed WordPress customers (both active and inactive)
- The original WordPress Administrative password that was set at the time of provisioning
- For active customers, the SFTP and database usernames and passwords
- And for some customers (exact number unknown at this time), the SSL private key
The company has retained the services of an independent third-party security firm to assist them with their investigation. That investigation is ongoing but the company has already reset the SFTP and database passwords for all impacted users. They are in the process of issuing and installing new certificates for customers who had their SSL private keys exposed.
The company is in the process of contacting all impacted users. If your email address was exposed, you will definitely want to keep a sharp eye out for phishing attacks targeting your email address.
As is the case any time an event like this occurs the company apologized and stressed that they take customer data security very seriously. No additional information is available at this time but bear in mind that the investigation is still ongoing.
It's unfortunate but not altogether unsurprising. A company as large as GoDaddy with millions of customers is an attractive target for almost any hacker. Stay vigilant out there. This won't be the last major breach we see this year.