Application Security

GoDaddy Breach Exposes 1.2 Million Managed WordPress Customer Accounts

Domain registrar and web hosting giant GoDaddy has been hacked and customer data for some 1.2 million WordPress users were exposed to the attacker for more than three months.

Ryan Naraine

November 22, 2021

Domain registrar and web hosting giant GoDaddy has been hacked and customer data for some 1.2 million WordPress users were exposed to the attacker for more than three months.

The Tempe, Arizona-based GoDaddy disclosed the breach in an SEC filing and confirmed that millions of users of its managed WordPress hosting service had sensitive data stolen, including database usernames and passwords, email addresses and private SSL keys.

GoDaddy did not provide details on the compromise beyond a note that the attacker used a compromised password to access the provisioning system in its legacy code base for Managed WordPress.

The company said the hack began on September 6 and, over the last three months, the attacker gained access to valuable customer information.

The raw details on the breach:

Up to 1.2 million active and inactive Managed WordPress customers had email address and customer number exposed. The exposure of email addresses presents risk of phishing attacks.
The original WordPress Admin password that was set at the time of provisioning was exposed. If those credentials were still in use, GoDaddy reset those passwords.
For active customers, sFTP and database usernames and passwords were exposed. GoDaddy said it reset both passwords.
For a subset of active customers, the SSL private key was exposed. GoDaddy says it is in the process of issuing and installing new certificates for those customers.

The company said its investigation is ongoing and that all impacted customers will be contacted directly with specific details.

GoDaddy security chief Demetrius Comes said the company is taking steps to strengthen its provisioning system with additional layers of protection.

This is not the first time GoDaddy has notified customers of a data breach. Back in May 2020, the company confirmed an incident exposed web hosting account credentials.

Advertisement. Scroll to continue reading.

Written By Ryan Naraine

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Latest News

Click to comment

CIEM Chat: How to Reduce Cloud Identity Risk

March 26, 2024

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Virtual Event: Ransomware Resilience & Recovery Summit

April 17, 2024

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

You Against the World: The Offenders Dilemma

Foreign attackers have many more toolsets at their disposal, so we need to make sure we’re selective about our modeling, preparation and how we assess and fortify ourselves. (Tom Eston)

Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program

With automated, detailed, contextualized threat intelligence, organizations can better anticipate malicious activity and utilize intelligence to speed detection around proven attacks. (Marc Solomon)

Know Your Audience When Speaking to Security Practitioners

How can security practitioners make sense of the vendor landscape and separate those who talk a good game from those who can execute, perform, and solve real problems for enterprises? (Joshua Goldfarb)

Cybersecurity Mesh: Overcoming Data Security Overload

A significant cybersecurity challenge arises from managing the immense volume of data generated by numerous IT security tools, leading organizations into a reactive rather than proactive approach. (Torsten George)

The OODA Loop: The Military Model That Speeds Up Cybersecurity Response

The OODA Loop can be used both by defenders and incident responders for a variety of use cases such as threat assessment, threat monitoring, and threat hunting. (Etay Maor)

Vulnerabilities

Full Disclosure List Gets a Fresh Start – Reborn Under New Operator

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

SecurityWeek NewsMarch 26, 2014

Application Security

Source Code Security Firm Cycode Launches With $4.6 Million in Funding

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Eduard KovacsSeptember 24, 2019

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Eduard KovacsOctober 1, 2019

Cybercrime

Cyber Insights 2023 | Ransomware

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Kevin TownsendFebruary 2, 2023

Quantum computing and the cryptopocalypse

Data Protection

Cyber Insights 2023 | Quantum Computing and the Coming Cryptopocalypse

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Kevin TownsendFebruary 2, 2023

Zero Trust and Identity and Access Management

Identity & Access

Cyber Insights 2023 | Zero Trust and Identity and Access Management

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Kevin TownsendFebruary 6, 2023

Incident Response

Amazon’s Shuttering of Alexa Ranking Service Hits Cybersecurity Industry

Amazon has shut down Alexa.com.

Eduard KovacsMay 6, 2022

Data Breaches

ChatGPT Data Breach Confirmed as Security Firm Warns of Vulnerable Component Exploitation

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Eduard KovacsMarch 28, 2023

SECURITYWEEK NETWORK:

ICS:

SecurityWeek

Application Security

GoDaddy Breach Exposes 1.2 Million Managed WordPress Customer Accounts

More from Ryan Naraine

Latest News

Trending

CIEM Chat: How to Reduce Cloud Identity Risk

Virtual Event: Ransomware Resilience & Recovery Summit

People on the Move

Expert Insights

You Against the World: The Offenders Dilemma

Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program

Know Your Audience When Speaking to Security Practitioners

Cybersecurity Mesh: Overcoming Data Security Overload

The OODA Loop: The Military Model That Speeds Up Cybersecurity Response

Related Content

Vulnerabilities

Full Disclosure List Gets a Fresh Start – Reborn Under New Operator

Application Security

Source Code Security Firm Cycode Launches With $4.6 Million in Funding

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

Cybercrime

Cyber Insights 2023 | Ransomware

Data Protection

Cyber Insights 2023 | Quantum Computing and the Coming Cryptopocalypse

Identity & Access

Cyber Insights 2023 | Zero Trust and Identity and Access Management

Incident Response

Amazon’s Shuttering of Alexa Ranking Service Hits Cybersecurity Industry

Data Breaches

ChatGPT Data Breach Confirmed as Security Firm Warns of Vulnerable Component Exploitation

SECURITYWEEK NETWORK:

ICS:

More from Ryan Naraine

Latest News

Trending

Daily Briefing Newsletter

CIEM Chat: How to Reduce Cloud Identity Risk

Virtual Event: Ransomware Resilience & Recovery Summit

People on the Move

Expert Insights

You Against the World: The Offenders Dilemma

Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program

Know Your Audience When Speaking to Security Practitioners

Cybersecurity Mesh: Overcoming Data Security Overload

The OODA Loop: The Military Model That Speeds Up Cybersecurity Response

Related Content

Vulnerabilities

Full Disclosure List Gets a Fresh Start – Reborn Under New Operator

Application Security

Source Code Security Firm Cycode Launches With $4.6 Million in Funding

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

Cybercrime

Cyber Insights 2023 | Ransomware

Data Protection

Cyber Insights 2023 | Quantum Computing and the Coming Cryptopocalypse

Identity & Access

Cyber Insights 2023 | Zero Trust and Identity and Access Management

Incident Response

Amazon’s Shuttering of Alexa Ranking Service Hits Cybersecurity Industry

Data Breaches

ChatGPT Data Breach Confirmed as Security Firm Warns of Vulnerable Component Exploitation