A supportive gap of security on the GoDaddy hosting service resulted in the exposure of addresses from email of about 1,2 million WordPress customers. The occurrence took place after an unauthorized third party access.

According to the company the improper access occurred on September 6, 2021, with the improper agent using a compromised password to enter the system. on the 17th of November, GoDaddy discovered the incident, which affected the company's WordPress admin hosting environment.


GoDaddy initiated an investigation and contacted authorities

Upon discovery of the improper access, the attacker was blocked and an investigation was launched with the help of a forensic company. TI. In addition, GoDaddy has contacted authorities, as reported by Demetrius Comes, director of information security. “We are sincerely sorry for this incident and for the concern it causes our customers,” says the note.

On unauthorized access, the agent can see original WordPress admin passwords and data of active users on the platform — the keys SLL of some sites were also exposed. The exposure of information of this nature can allow problems such as risk of phishing attacks among others. Without too many details, GoDaddy says a small number of customers in Brazil were impacted by the incident.

Godaddy informs that it is in the process of issuing and installing new certificates and that you are contacting all affected customers directly with specific details. Customers can also contact the hosting service through the help center, on this link.

Read more:

Have you watched our new videos on YouTube? Subscribe to our channel.