Tech News

Tech Business News

  • Home
  • Technology
  • Business
  • News
    • Technology News
    • Local Tech News
    • World Tech News
    • General News
    • News Stories
  • Media Releases
    • Tech Media Releases
    • General Media Releases
  • Advertisers
    • Advertiser Content
    • Promoted Content
    • Sponsored Whitepapers
    • Advertising Options
  • Cyber
  • Reports
  • People
  • Science
  • Articles
    • Opinion
    • Digital Marketing
    • Guest Publishers
  • About
    • Tech Business News
    • News Contributions -Submit
    • Journalist Application
    • Contact Us
Reading: GoDaddy Security Incident Report.
Share
Font ResizerAa
Tech Business NewsTech Business News
  • Home
  • Technology News
  • Business News
  • News Stories
  • General News
  • World News
  • Media Releases
Search
  • News
    • Technology News
    • Business News
    • Local News
    • News Stories
    • General News
    • World News
    • Global News
  • Media Releases
    • Tech Media Releases
    • General Press
  • Categories
    • Crypto News
    • Cyber
    • Digital Marketing
    • Education
    • Gadgets
    • Technology
    • Guest Publishers
    • IT Security
    • People In Technology
    • Reports
    • Science
    • Software
    • Stock Market
  • Promoted Content
    • Advertisers
    • Promoted
    • Sponsored Whitepapers
  • Contact & About
    • Contact Information
    • About Tech Business News
    • News Contributions & Submissions
Follow US
© 2022 Tech Business News- Australian Technology News. All Rights Reserved.
Tech Business News > Reports > GoDaddy Security Incident Report.
Reports

GoDaddy Security Incident Report.

Matthew Giannelis
Last updated: July 10, 2023 6:21 pm
Matthew Giannelis
Share
SHARE

The GoDaddy Password Breach Affected Over a Million Users

GoDaddy says that in November 2021, it realised there were cybercriminals on it’s network, kicked them out, tried to determine when the hackers got in and what they managed to do while they were inside.

The company has not ceased to investigate the hacking incident. They contacted law enforcement and an IT forensics firm, reset all affected customers passwords. However, this latest data breach may also have exposed the email addresses of 1.2 million customers, making them vulnerable to phishing attacks.

GoDaddy detected suspicious activity in their Managed WordPress hosting environment and immediately began an investigation.

Chief Information Security Officer Demetrius Comes said, using a compromised password, an unauthorised third party accessed the provisioning system in our legacy code base for Managed WordPress

“Upon identifying this incident, we immediately blocked the unauthorised third party from our system,” said Demetrius

“Our investigation is ongoing, but we have determined that, beginning on September 6, 2021, the unauthorised third party used the vulnerability to gain access to the following customer information :

•Up to 1.2 million active and inactive Managed WordPress customers had their email address and customer number exposed. The exposure of email addresses presents risk of phishing attacks.

•The original WordPress Admin password that was set at the time of provisioning was exposed. If those credentials were still in use, we reset those passwords.

•For active customers, sFTP and database usernames and passwords were exposed. We reset both passwords.•For a subset of active customers, the SSL private key was exposed. We are in the process of issuing and installing new certificates for those customers.

The GoDaddy password breach is the latest security incident that has exposed the personal information of customers. This incident affected those who use the WordPress web content management system, as well as those who use the GoDaddy domain.

With ten weeks in hand before being spotted, the attackers could have used sFTP passwords and compromised web certificates to perform further exploits against MWP users. In particular, crooks who know your sFTP password could, in theory, not only download the files that make up your site, steal your main content, but also upload unauthorised additions to the site.

Those unauthorised website additions could include:

  • Backdoored WordPress plugins to let the crooks sneak back in again even after your passwords are changed.
  • Fake news that would embarrass your business if customers were to come across it.
  • Malware directly targeting your site, such as crypto mining or data-stealing code designed to run right on the server.
  • Malware targeting visitors to your site, such as zombie malware to be served up as part of a phishing scam.
TAGGED:Cyber attacksgodaddyReports
By Matthew Giannelis
Follow:
Secondary editor and executive officer at Tech Business News. An IT support engineer for 20 years he's also an advocate for cyber security and anti-spam laws.
Previous Article Live Chat How to install txt.me chatbox code on your site using Joomla?
Next Article Sydney Group Sydney’s “factory of the future” open and ready to drive statewide innovation
Leave a comment

Leave a Reply Cancel reply

You must be logged in to post a comment.

godaddy security breach

Tech Articles

Remote Work Trust & Rapport Team Members

How To Build Trust & Rapport With Remote Team Members

Building trust with a remote team members can feel like…

November 23, 2024
Influence Of Artificial Intelligence (AI) On Humanity

The Rising Influence Of Artificial Intelligence (AI) On Humanity And Identity

Humanity in Transition: The Rising Influence of Artificial Intelligence on…

November 8, 2024
IT managed services Australia

The Rise Of Managed IT Services In Australia

As we stand at the crossroads of technological advancement and…

October 14, 2024

Recent News

Global eCommerce Market
Reports

Global eCommerce Market Expected To See Continued Growth In 2023

5 Min Read
Digital transformation
Reports

Digital transformation retains Aussie flavour as tech M&A stays strong

5 Min Read
tech value report 2022
Reports

Top Tech Value Depreciation Report Reveals Least-Devalued Devices And Gadgets 2022

4 Min Read
6% of ANZ Businesses Alerted of Breach
Reports

New Research Reveals Only 6% Of ANZ Businesses Alerted Of Breach & Loss Of Data From 2022-23

4 Min Read
Tech News

Tech Business News

Stay up to date with the latest technology & business news trends from Australia and the around the world.

Technology News reports and whitepaper publishing services are available along with media and advertising options

Our Australian technology news includes People, Business, Science, World News, Local News, Guest publishers, IT News & Tech News Australia | Tech News was established in 2019

About

About Us 
Contact Us 
Privacy Policy
Copyright Policy
Terms & Conditions

December, 10, 2024

Contact

Contact Information.
Melbourne, Australia

Werribee 3030

Phone: +61 431401041

Hours : Monday to Friday, 9am 530-pm.


Tech News

© Copyright Tech Business News 

Latest Australian Tech News – 2024

Welcome Back!

Sign in to your account