Nov 23: GoDaddy Inc claimed that up to 1.2 million active and inactive Managed WordPress customers had their email addresses and customer numbers got hacked.
GoDaddy Inc, an internet domain registrar and web hosting company, in a statement, claimed that on November 17, 2021, the company discovered unauthorized third-party access to the Managed WordPress hosting environment. It further went on to say that the exposure was a result of a phishing attack.
The statement further reads that while the initial investigation has revealed that access was gained using a compromised password during the beginning of September 6, 2021.
GoDaddy claimed that while the original WordPress Admin password that was set at the time of provisioning was exposed, in case the same credentials were still in use, the company had reset those passwords.
Also Read:Â Check out this next level Wedding invitation that invokes Constitutional Article
“For active customers, sFTP and database usernames and passwords were exposed. We reset both passwords. For a subset of active customers, the SSL private key was exposed. We are in the process of issuing and installing new certificates for those customers,” said the domain registrar giant.
The statement further added that while the company’s investigation is ongoing and they are contacting all impacted customers directly with specific details.
