GoDaddy is the largest web hosting and domain registrar in the world. When it suffers a security breach, the problem will be widespread an affect many people. And that’s the case this week with the company confirming a breach and saying the latest loss of data is affecting 1.2 million customers.
In a public filing to the U.S. Securities and Exchange Commission (SEC), GoDaddy confirmed a data breach against its servers. Specifically, a threat actor without authority gained access to GoDaddy systems on Sept. 6 and syphoned data for over two months until the company noticed the breach on Nov. 17.
“We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement,” Demetrius Comes, GoDaddy CISO, confirmed.
GoDaddy says the attack happened through the Managed WordPress hosting service, which is a site-building component of the platform. Customers use the service to build their own sites on WordPress’ CMS. GoDaddy handles the hosting so users do not need to update their sites themselves.
This is part of the GoDaddy package but is not used by all customers. 1.2 million of those who do use the service have been affected:
“Using a compromised password, an unauthorized third party accessed the provisioning system in our legacy code base for Managed WordPress,” Comes adds.
The company says the cybercriminals made off with an assortment of data, including:
- “Emails and customer numbers for 1.2 million active and inactive Managed WordPress customers
- sFTP and database usernames and passwords for active customers (passwords are now reset)
- SSL private keys “for a subset of active customers,” used to authenticate websites to internet users, enable encryption and prevent impersonation attacks. GoDaddy is in the process of issuing and installing new certificates for affected customers.”
“Our investigation is ongoing, and we are contacting all impacted customers directly with specific details,” Comes concluded. “We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.”
Clearly it is an embarrassing situation for GoDaddy. Any breach is problematic, but the inability to notice the attack for months raises questions about the company’s security protocols.
Tip of the day: Did you know that a virtual drive on Windows can help you with disk management for various reasons? A virtual drive is just simulated by the platform as a separate drive while the holding file might be stored anywhere on your system .
The data in the drive is available in files or folders, which are represented by software in the operating system as a drive. In our tutorial we show you different ways how to setup and use such virtual drives.