The web hosting and domain registrar giant GoDaddy went through a cyber attack in which the details of more than a million users – active and inactive – were leaked in its WordPress web hosting service. The company revealed the huge leak in an update they have sent to the U.S. Securities and Exchange Commission (SEC).

The Password for the System Has Leaked

According to GoDaddy’s announcement, the leak occurred last September – when a hacker managed to gain access to the company’s system, which was designed to build and configure users’ new websites in its WordPress web hosting service. GoDaddy says that the attacker was able to gain access to the system and extract the email addresses of more than a million users as a result of using a password for the leaked system.

Although the incident happened in early September, GoDaddy admits that they discovered the leak of a huge amount of their user information only last week – on November 17 – so the company also blocked that hacker’s access to users’ information through the leaked password, and contacted authorities.

Along with the leaks of 1.2 million leaked users, the storage and domain sales giant also noted that the attacker’s access to the company’s system also exposed him to admin passwords for WordPress sites set up using GoDaddy, and to details that allowed him to access active users’ databases. Along with all these details, the details published by the company indicate that the SSL keys of some of the users have also been leaked.

GoDaddy can not do anything about the leaked emails, other than to state that “they are now exposed to phishing attacks”. The company resets all leaked passwords and replaces the SSL keys of the exposed sites (all active sites), for the affected users so if you are an existing user or looking to register a new domain, the breach should not affect you. The company further said it had contacted all affected users and would update them on their details leaked following the attack.

History of Data Leaks

This is not the first time the American giant’s name has been linked to information leaks. In 2018, information from the company’s servers was revealed after these were stored in AWS’s unsecured Bucket. Last year, GoDaddy revealed that the details of “only” 28,000 users were leaked after access to the company’s systems by an “unauthorized person”. And it does not stop there. In 2020, the company’s employees also managed to fall into the trap of scammers who took management information from them to the websites of several crypto platforms – which they took down from the air.

It’s also interesting to ready Wordfence take on it. We hope that GoDaddy tech and management personal learn its lessons from each and every incident, and strengthen its engineering practices to avoid such data leaks in the future.

Follow me