In a filing with the Securities and Exchange Commission, Popular Web registrar and hosting company GoDaddy has confirmed that it was recently hacked and account details of up to 1.2 million users have been accessed. The company believes that the breach first happened on September 6th, 2021.
Godaddy accepted that someone gained unauthorized access to its Managed WordPress hosting environment. This allowed access to email addresses, customer numbers of around 1.2 million users. Hackers also gained access to admin passwords or WordPress sites hosted on the platform and passwords for sFTPs, databases, and SSL private keys.
The company is now investigating the matter and has already consulted with law enforcement and a private IT forensics firm. To safeguard its users, the company has reset the relevant credentials and will issue new SSL certificates to its users.
Also see: WordPress Courses, WordPress Tutorials & WordPress Certifications
Hackers can use email addresses to target phishing attacks. The company has already reset the passwords of WordPress, sFTP, and database, but I recommend all customers to change the passwords again. SSL private keys can be abused to impersonate a customer’s website or services.
Godaddy is a popular domain and hosting provider with more than 20 million customers worldwide. This incident will surely affect its reputation.
