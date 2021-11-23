GoDaddy, a company that offers web hosting services, has reported a WordPress data breach that, for now, is known to have affected 1.2 million customers around the world. GoDaddy’s chief information security officer, Demetrius Comes, was in charge of announcing that the company detected unauthorized access to your systems where you host and manage WordPress servers of your customers.

GoDaddy said that the person or persons who accessed these systems used a compromised password to access GoDaddy systems. This is believed to have happened on September 6, although GoDaddy said it discovered the breach last week, on November 17, and made it public just hours ago. It is unclear if the compromised password was protected with two-factor authentication.

Wix’s controversial campaign against WordPress

Also inactive users are affected

The gap is known to affect 1.2 million both active and inactive WordPress users. Above all, email addresses and customer numbers have been exposed. GoDaddy said this exposure could trigger phishing attacks on people whose information has been stolen.

The web host also said that it is possible that hackers got hold of the original password of the WordPress administrators. That is to say, the one created when the account was first opened and that this could be used to access a client’s WordPress server.

The GoDaddy spokesperson explained that other data that has been able to be extracted from active clients are their sFTP credentials (for file transfer), and the usernames and passwords for their WordPress databases, which store all the content of the Username. In some cases, the client’s SSL (HTTPS) private key was exposed. If these hackers decide to use it, they could spoof the website or the client’s services.

GoDaddy Solutions and What to Do for Protection





GoDaddy has said that it has reset the passwords and private keys of WordPress clients, and that is in the process of issuing new SSL certificates.

It must be remembered that this company that offers web hosting services or web hosting has more than 20 million customers around the world. For now, the company has declined to comment on the ongoing investigation process.

In addition, expert security companies suggest that you activate two-factor authentication to access your WordPress account, if you have not done so already. Thus, for attackers it will be more difficult to access using the filtered passwords, as they would need more than this stolen password.

It is also recommended that you review all the files on your site, especially the ones from WordPress plugin and theme directories. By uploading infected plugins, attackers can re-enter your account later, even after all original issues have been patched and stolen passwords have been changed.

Beware of anyone who contacts you and offers “help” to clean up your account. The attackers have the email addresses of all affected users, so these “offers” could come directly from them in the form of phishing.