3.5 C
New York
Wednesday 1 December 2021

Buy now

Ad

HomePoliticsIndiaGoDaddy security breach exposes WordPress users' data

GoDaddy security breach exposes WordPress users’ data

GoDaddy said while the original WordPress Admin password that was set at the time of provisioning was exposed, the passwords were then reset

|

In a massive case of breach, GoDaddy Inc has reported that up to 1.2 million active and inactive Managed WordPress customers had their addresses and customer number exposed. GoDaddy Inc, an internet domain registrar and web hosting company, in a statement released on 22 November evening, claimed that on 17 November 2021, the company discovered unauthorized third-party access to the Managed WordPress hosting environment. It further went on to say that the exposure was a result of a phishing attack.

The statement further reads that while the initial investigation has revealed that access was gained using a compromised password during the beginning of 6 September 2021.

“We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement,” Chief Information Security Officer Demetrius Comes said in a filing.

The company, whose shares fell about 1.6% in early trading, said it had immediately blocked the unauthorized third party, and an investigation was still going on.

This story corrects the second paragraph to say the incident was discovered on 17 November, not 6 September.

GoDaddy claimed that while the original WordPress Admin password that was set at the of provisioning was exposed, in case the same credentials were still in use, the company had reset those passwords.

“For active customers, sFTP and database usernames and passwords were exposed. We reset both passwords. For a subset of active customers, the SSL private key was exposed. We are in the process of issuing and installing new certificates for those customers,” said the domain registrar giant.

The statement further said that while the company’s investigation is ongoing and they are contacting all impacted customers directly with specific details.

What is exposed due to the GoDaddy security breach

According to GoDaddy, starting 6 September 2021, the unauthorised third party used the vulnerability to gain access to:

1. Up to 12 lakh active and inactive Managed WordPress customers had their addresses and customer numbers exposed.

2. The original WordPress Admin password that was set at the of provisioning was exposed.

3. For active customers, sFTP and database usernames and passwords were exposed.

4. For some active customers, the SSL private key was exposed.

Sirf News needs to recruit journalists in large numbers to increase the volume of its reports and articles to at least 100 a day, which will make us mainstream, which is necessary to challenge the anti-India discourse by established media houses. Besides there are monthly liabilities like the subscription fees of news agencies, the cost of a dedicated server, office maintenance, marketing expenses, etc. Donation is our only source of income. Please serve the cause of the nation by donating generously.

Support pro-India journalism by donating

via UPI to surajit.dasgupta@icici or

via PayTM to 9650444033

Obesity kills 2.8 million people a year.

Heart disease kills 17.9 million a year.

Diabetes kills 1.5 million people a year.

If the government actually cared about your health, they would have banned fast food, processed sugars, & refined oils a long time ago.

But they didn’t.

More than a third of world’s population have never used internet, says UN https://www.theguardian.com/technology/2021/nov/30/more-than-a-third-of-worlds-population-has-never-used-the-internet-says-un

The capital of Alabama is coming under fire and facing a large fine after removing a street name honoring the president of the Confederacy. https://cnn.it/3lmIN4o

Jal Board did not provide accounts for audit, CAG informs Delhi HC | Latest News Delhi - Hindustan Times

AAP.. is this your idea of transparency ? Why block an audit ? What skeletons will tumble out?

Those speaking about a massive scam vindicated ? https://www.hindustantimes.com/cities/delhi-news/jal-board-did-not-provide-accounts-for-audit-cag-informs-delhi-hc-101638211889859.html

Madhya Pradesh: Viral video shows a quack doctor killing a dog with a knife after the canine allegedly bit his son in Dabra area of Gwalior

"Taking cognizance of the viral video, a case has been registered & an investigation initiated," ASP (Rural) Jai Raj Kuber said on Tuesday

Read further:

This site uses Akismet to reduce spam. Learn how your comment data is processed.

- Advertisment -

Now

Columns

[prisna-google-website-translator]
%d bloggers like this: