The GoDaddy breach, which took place in September and went relatively unnoticed for two months, affected over a million clients, whose WordPress Managed Hosting passwords have been changed by the web-hosting giant in an effort to consolidate trauma.
On November 17th, the company informed the United States Security and Exchange Commission (SEC) that an “unauthorized third-party access” to their “Managed WordPress hosting environment.” was discovered.
However, according to GoDaddy’s investigation, the intrusion started on 6th September 2021, over two months later.
GoDaddy describes the security event as a vulnerability, caused by inadequate security that did not meet industry standards, security researchers say, and proceed to add that a simple password change is not enough to fix the consequences caused by the hackers, meaning that 1.2 million GoDaddy clients might remain endangered.
As for the comprised data, the investigation revealed that hackers found their way into companies’ email addresses, customer numbers, original WordPress administrator level passwords, secure FTP (SFTP) usernames and passwords, database usernames and passwords, SSL private keys and others.
To make sure that your company’s data stays safe and sound, try using some of the best website hosting providers in Canada.