On November 17, 2021, the management of GoDaddy announced a data breach that could put 1.2 million active and inactive WordPress websites at risk of phishing attacks.
The hosting company made it known to the general public and security agency that from September 6, an unauthorized third party gained access to their authentication services and has been using the vulnerability. GoDaddy assured its customers that they had hired a Forensics security firm to investigate the hacking, and very soon, they will reveal the culprits behind this hacking.
However, it seems the hackers have gained access for far too long, and it will take time and lots of effort for GoDaddy to purge them out of their system thoroughly as another intrusion happened a few days after the company announced the first data breach.
The intrusion that only exposed data of WordPress websites hosted on GoDaddy has now extended to include six other GoDaddy Managed WordPress Resellers, including 123reg, Domain Factory, Heart Internet, Host Europe, Media Temple, and tsoHost.
To curb and reduce the effect of the attack, the domain registering company has sent emails to all the affected customers to apologize for the data breach and inform them about how the hacking could affect their businesses. The following are the information that was exposed due to the intrusion;
- The data of about 1.2 million active and inactive WordPress websites hosted on their servers, including customers’ email addresses and phone numbers
- Website’s WordPress Admin passwords that were set during the web hosting
- sFTP and database usernames and passwords of active websites were also exposed
- Some customers SSL certificates
What Has Godaddy Done Since the Data Breach?
Aside from reporting the case and messaging affected customers via email, the hosting company has also tried fixing this mess by;
- Blocking the access of the unauthorized third party
- Reinstalling the SSL certificates those websites that were exposed
- Resetting customers WordPress Admin passwords and urged them to set new sFTP password and database password
- Advising customers to change the passwords of their other accounts that use the same password as their WordPress account
- Advising customers to watch out for fraudulent messages sent to their email claiming to be from GoDaddy or any of their WordPress hosting platforms.
All GoDaddy customers are advised to check their emails for a message from the hosting company to know if their websites are affected or not. The company is already sending messages to those affected and will make sure that all affected websites are notified. However, if your website belongs to any of the GoDaddy WordPress Managed Resellers listed earlier and haven’t gotten an email from the company, quickly contact your web host to know your site security status.
Also, bloggers and business owners that have their websites hosted on GoDaddy’s server are advised to stay updated for news from the hosting company. Moreover, be vigilant for any fraudulent activities on your website.