GoDaddy Data Breach Affects 1.2M Customers

GoDaddy, the web-hosting giant, has disclosed that it suffered a data breach.

The attackers gained access to GoDaddy’s Managed WordPress hosting environment.

Although the breach was discovered on November 17, GoDaddy’s investigation found that the attackers had infiltrated its systems on September 6.

The attackers gained access to the following information:

  • Up to 1.2 million active and inactive Managed WordPress customers had their email addresses and customer numbers exposed. The exposure of email addresses presents a risk of phishing attacks.
  • The original WordPress Admin password that was set at the time of provisioning was exposed.
  • For active customers, sFTP and database usernames and passwords were exposed.
  • For a subset of active customers, the SSL private key was exposed.

Mitigation

GoDaddy has done the following:

  • Reset passwords of WordPress Admin users
  • Reset both the sFTP and database passwords for active customers
  • Is in the process of issuing and installing new certificates for customers whose SSL private key was exposed

Recommendation

The exposure of email addresses presents a high risk of phishing attacks.

Therefore, CYREBRO recommends raising awareness among employees regarding the potential risk.

References: GoDaddy Advisory
