GoDaddy, one of the largest web hosting companies and domain registrars, recently suffered an information breach that exposed some 1.2 million customers.
The web hosting company also revealed that the incident affected a number of marketers of managed WordPress services, including tsoHost, Temple of Media, 123 Reg, Domain Factory, Heart Internet, And Hosts Europe.
Dan Rice, VP of Corporate Communications at GoDaddy declared:
A small number of active and inactive managed WordPress users in these brands have been affected by the security incident.
No other brand is affected. These brands have already contacted their customers respectively with specific detail and recommended action.
How did the data breach occur?
GoDaddy noticed the data breach on November 17thGod’ Once cybercriminals were able to gain access to the web hosting giant’s Managed WordPress hosting environment.
According to BleepingComputer, threat agents have had access to the company’s systems and data on networks that have been hacked at least since September 6, 2021.
We identified a suspicious activity in our managed hosting environment in WordPress and immediately started an investigation with the help of an IT forensics company and contacted law enforcement.
Using a hacked password, an unauthorized third party accesses the assignment system in our old code base for managed WordPress.
The investigation is underway, according to GoDaddy, which has begun contacting all affected customers individually with detailed information. Customers can also use the company’s help center to contact them.
GoDaddy customers received a message this week that attackers have been able to gain access to certain login information for management services, especially customer numbers and email addresses associated with accounts, WordPress login initially set up, and sFTP and database usernames and passwords.
This means that the unauthorized party could gain the ability to access and make changes to your managed WordPress service, including modifying your site and the content stored on it.
GoDaddy has experienced data breaches in the past
Last year, in May, a web hosting company announced to some of its customers that in October, an unauthorized entity used the web hosting account login information to log in to its hosting account via SSH.
GoDaddy’s security team discovered the attack after noticing an SSH file that had changed in GoDaddy’s hosting environment and suspicious behavior in a subgroup of GoDaddy’s servers.
According to BleepingComputer, two years ago, scammers created 15,000 subdomains using hundreds of hijacked GoDaddy accounts, seeking to impersonate popular sites and send possible targets to spam pages promoting snake oil products.
How can Heimdal ™ help you?
Data breaches are very common nowadays and system vulnerabilities generally facilitate hackers’ intrusion. This is why a system should always be updated and apply the latest fixes. But what do you do if you can not always keep track of what repairs need to be pasted? You are using an automatic device Repair management solution.
Heimdal ™ has this solution and is very effective because it really saves you time. You will always have control over your software inventory, enabling patch management from anywhere in the world. What’s even cooler is the vendor’s waiting time for the end user, which means that in less than 4 hours the patches that have been released, tested and repackaged, are available in your Heimdal cloud for deployment. Find more on our site Website!
If you liked this article, follow us LinkedIn, Twitter, Facebook, YouTube, And Instagram For more news and topics on cyber security.
