Up to 1.2 million GoDaddy customers’ data exposed in breach
1.2 million customers of GoDaddy, a popular web host and domain registrar, may have had their data accessed by an unauthorized actor. The company discovered a suspected intrusion on November 17, with suspicious access dating beginning on September 6th.
GoDaddy determined that a compromised password was used to access a GoDaddy system dedicated to WordPress services that the company offers up to customers that would like to host their content. Email addresses and customer numbers were exposed. This information in the hands of malicious attackers could lead to phishing attacks.
Usernames and passwords, and a subset of customers’ private SSL encryption keys were exposed. These passwords have since been reset and the company is beginning to work on issuing new SSL certificates. In the company’s quarterly SEC filing, they acknowledged that they face significant attacks and persistent threats by malicious actors looking to transfer domain names related to cryptocurrencies.
Demetrius Comes, Chief Information Security Officer of GoDaddy, wrote “We are sincerely sorry for this incident and the concern it causes for our customers. We, GoDaddy leadership and employees, take our responsibility to protect customers’ data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.”
More information can be found at:
https://www.cyberscoop.com/godaddy-data-breach/
https://www.sec.gov/ix?doc=/Archives/edgar/data/1609711/000160971121000115/gddy-20210930.htm#ic1ef7a372e3f465e88d8e6f8537035f5_142
https://www.sec.gov/Archives/edgar/data/1609711/000160971121000122/gddyblogpostnov222021.htm