• About
  • Privacy Policy
  • Contact
Tech Newsday
  • Security
  • Future of Work
  • Mobility
  • Emerging Tech
  • Today’s News
No Result
View All Result
Tech Newsday
  • Security
  • Future of Work
  • Mobility
  • Emerging Tech
  • Today’s News
No Result
View All Result
Tech Newsday
No Result
View All Result
Home Security

GoDaddy Security Breach Affects 1 Million WordPress Users

TND News Desk by TND News Desk
November 25, 2021
in Security
0 0
0

GoDaddy recently announced that it is in the midst of a major security breach that has affected the accounts of more than one million of its WordPress clients.

During the filing last Monday with the Securities and Exchange Commission, GoDaddy Chief Information Security Officer Demetrius Comes said that on November 17, 2021, the hosting company was able to detect unauthorized third-party access to its managed WordPress hosting environment.

After consulting law enforcement officers and further investigation at an IT forensics firm, GoDaddy discovered that the third party used a compromised password to gain access to the provisioning system in its legacy code base for Managed WordPress.

GoDaddy provides Managed WordPress hosting for users who want to create and manage their own WordPress blogs and websites. Simply, the “managed” part means that GoDaddy will be the one to do all the basic administrative tasks, including installing and updating WordPress and backing up hosted websites.

The breach has already led to a number of problems. First, the email addresses and customer numbers of around 1.2 million active and inactive Managed WordPress users were disclosed. Second, the original WordPress Admin passwords set at the time of deployment were also uncovered and already reset by GoDaddy.

Third, the Secure File Transfer Protocol (sFTP) and database usernames and passwords have been compromised and reset by the company. Fourth, the SSL private key has been exposed to a number of active customers, which means that the company must issue new SSL certificates for these customers.

Comes explained that GoDaddy had already blocked the third party out of its system. However, the company also found that the perpetrators had been using the compromised password since September 6, giving them more than two months to wreak havoc on the system before they were discovered.

The investigation is still ongoing. On behalf of the company, Comes has apologized for the breach and committed to improving GoDaddy’s provisioning system with more layers of protection.

However, the extent of the damage caused by this breach has yet to be assessed. Since so many accounts have been exposed, there is a very high probability that the attackers would hurry to exploit the stolen login credentials and other data to launch even more attacks

For more information, read the original story in TechRepublic.

Tags: GoDaddy

Subscribe

About Tech News Day

In just 10 minutes you will have all your leadership tech news needs covered. Our Editors browse the top tech news sites for you, get rid of the fluff and post summaries of the best. Our content is created by trained professionals and enhanced for IT leaders using leading edge artificial intelligence.

About

Tech Newsday

Tech News Day picks the new, most relevant tech stories.

Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize these to give you a quick summary and the key takeaways.

SUBSCRIBE

Categories

  • Artificial Intelligence
  • Auto Tech
  • Blockchain
  • Careers & Education
  • Channel Strategy
  • Cloud
  • Communications & Telecom
  • Companies
  • Data & Ananytics
  • Development
  • Digital Transformation
  • Distribution
  • Diversity & Inclusion
  • eCommerce
  • Emerging Tech
  • End User Hardware
  • Engineering
  • Financial
  • Fintech
  • Future of Work
  • Governance
  • Government & Public Sector
  • Human Resources
  • Infrastructure
  • IoT
  • Leadership
  • Legal
  • Legislation & Regulation
  • Managed Services & Outsourcing
  • Marketing
  • Martech
  • Medical
  • Mobility
  • Not for Profit
  • Open Source
  • Operations
  • People
  • Podcasts
  • Privacy
  • Security
  • Service
  • Smart Home
  • SMB
  • Social Networks
  • Software
  • Supply Chain
  • Sustainability
  • Today's News
  • Top Stories This Week
  • Women in Tech
  • Home
  • Today’s News
  • About
  • Privacy
  • Contact

2022 Tech News Day

No Result
View All Result
  • Security
  • Future of Work
  • Mobility
  • Emerging Tech
  • Today’s News

2022 Tech News Day

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Why are you leaving?

About Tech News Day

Tech News Day is a daily publication featuring key daily news stories about technology and how it affects businesses. We know that you are busy and that there’s a lot of information coming at you. While there are lots of programs that will curate based on what you have already read or followed, Tech News Day picks the new stories that we feel are most relevant.

Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize these to give you a quick summary and the key takeaways. If you want to do a deeper dive and get even more information, we provide a link to at least one of the longer stories from one of our sources (we are often following stories from more than one source).

We also have a daily podcast, published each morning so that you can get the news stories of the day from wherever you get your podcasts.

We hope you find this to be useful to you in keeping up to date in these challenging times. We love your input and opinions. You can use our feedback widget to rate individual stories or you can write us at NewsDesk@technewsday.com.

Click Here

-
00:00
00:00

Queue

Update Required Flash plugin
-
00:00
00:00