GoDaddy on Monday disclosed a recent data breach that has affected around 1.2 million managed WordPress customer accounts.
GoDaddy is the world’s largest domain name registrar and web hosting giant that provides services to an estimated 20 million customers around the world.
In a document filed to the Securities and Exchange Commission (SEC) on Monday, GoDaddy said that the website hosting company discovered an “unauthorized third-party” access to their Managed WordPress hosting environment on November 17, 2021.
The data breach has resulted in the exposure of email address and customer number of up to 1.2 million active and inactive Managed WordPress accounts, original WordPress Admin passwords, sFTP and database usernames and passwords, as well as SSL private keys for a subset of active customers.
According to GoDaddy, this incident has been going on since September 6, 2021, which increases the risk of email phishing attacks against impacted customers, warns GoDaddy.
Demetrius Comes, CISO & VP of Engineering at GoDaddy, wrote in the disclosure that upon identifying the incident, the company immediately contacted the law enforcement. It has also blocked the unauthorized third party from its system and begun an investigation with the help of an IT forensics firm.
Meanwhile, GoDaddy has reset WordPress admin passwords used at the time of the breach as well as sFTP and database passwords. The company is also in the process of issuing and installing new certificates for a subset of active customers whose SSL private keys were exposed.
“Our investigation is ongoing and we are contacting all impacted customers directly with specific details. Customers can also contact us via our help center (https://www.godaddy.com/help) which includes phone numbers based on country,” Comes wrote.
“We are sincerely sorry for this incident and the concern it causes for our customers. We, GoDaddy leadership and employees, take our responsibility to protect our customers’ data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.”
This is not the first time that GoDaddy has been impacted by a data breach. Last year, the company had confirmed that thousands of its web hosting accounts were breached by an unauthorised individual exposing web hosting account credentials.