Site icon ICT Frame

GoDaddy Discloses Security Breach Data of 1.2 Million WordPress Users Exposed

NTC Data Breach
Share It On:

25th November 2021, Kathmandu

GoDaddy, a domain name registrar center and web hosting organization, revealed a data breach incident that uncovered the data of 1.2 million clients.

A disclosure released by the organization said that in an incident found on November 17, 2021, an unauthorized third party had accessed the organization’s Managed WordPress hosting interface. The unauthorized access was quickly blocked on the discovery, and a forensic investigation was started.

“Utilizing a compromised secret key, an unauthorized third party got to the provisioning system in our legacy code base for Managed WordPress. After distinguishing this incident, we quickly blocked the unauthorized third party from our system.

Our investigation is progressing, however still up in the air starts on September 6, 2021, the unauthorized third party utilized the vulnerability to get access to our client data,” expressed Demetrius Comes, Chief Information Security Officer GoDaddy.

Clients Affected

The notification shared the accompanying client data:

Strangely, GoDaddy has an assistance page for “My site was hacked. How should I respond?”, posting alerts and best practices to keep.

In May, the organization likewise unveiled a breach last year. In October, it alerted some of its clients that an unauthorized third party utilized their web hosting account credentials to connect with their hosting account through SSH.

GoDaddy’s security group found that occurrence after recognizing a changed SSH file in GoDaddy’s hosting interface and dubious activity on a subset of GoDaddy’s servers.

GoDaddy is one of the world’s biggest domain registrars and a web hosting organization offering services to more than 20 million clients worldwide.

In a blog post on krebsonsecurity.com, Brian Krebs published content regarding how fraudsters redirected email and web traffic destined for cryptocurrency trading platforms, and the attacks were facilitated by scams targeting employees at GoDaddy.


Share It On:
Exit mobile version