In a blog post, GoDaddy’s Chief Information Security Officer (CISO) Demetrius Comes said he discovered unauthorized access to its managed WordPress servers.
“Up to 1.2 million active and inactive managed WordPress customers have had their email address and customer number exposed. Exposing email addresses poses a risk of phishing attacks,” Comes said. Monday evening.
On November 17, the company discovered unauthorized third-party access to our managed WordPress hosting environment.
“We identified suspicious activity in our managed WordPress hosting environment and immediately began an investigation with the help of an IT consulting firm and contacted law enforcement. Using a compromised password, an unauthorized third party gained access to the provisioning system in our legacy code base for managed WordPress. “, explained the company.
GoDaddy has warned users that this exposure may put users at increased risk of phishing attacks.
The investigation is ongoing, but “we have determined that as of September 6, 2021, the unauthorized third party used the vulnerability to access the following customer information,” the company informed.
The original WordPress admin password that was set at the time of provisioning has also been exposed.
“If these credentials were still in use, we will reset those passwords. For active clients, the sFTP and database usernames and passwords have been exposed. We reset both passwords. “said GoDaddy.
“We are sincerely sorry for this incident and the concern it causes among our customers. We will learn from this incident and are already taking steps to strengthen our supply system with additional layers of protection,” Comes said. .