Over 1 Million Users Affected In GoDaddy Data Breach

Exploit: Data Breach, Credential Compromise
Company: GoDaddy
Industry: Technology, Web Hosting
Source: https://www.usatoday.com/story/tech/2021/11/22/godaddy-data-breach-users-2021/8727554002/

Web hosting giant GoDaddy recently filed a report with the SEC regarding a data breach that appears to have potentially impacted 1.2 million customers. The detailed report shows that GoDaddy detected unauthorized third-party access to its systems where it hosts and manages its customers’ WordPress servers. While the breach was detected on November 17, the incident seems to have taken place around September 6 when a compromised password was used to access the company’s systems.

GoDaddy has issued a warning to active customers that their sFTP credentials (for file transfers), usernames, email addresses, and customer numbers were exposed during the data breach. The company has stated that compromised data of this nature could put users at a greater risk of phishing attacks. For some customers, SSL (HTTPS) private keys were also compromised, leaving them vulnerable to threat actors impersonating their website or services.

An investigation is underway; however, it appears that no customer PII or financial information was taken at this time. For now, the 1.2 million affected active and inactive users are being advised to take appropriate actions and to remain vigilant.

Protect Your Business Against Modern Cyber Threats

More than ever, organizations of all sizes have been facing a historical rise in cyber attacks and data breaches. Talk to a cyber security expert today and find out how we can provide expert consulting and a portfolio of Cyber Security solutions designed to protect your organization against today’s most prevalent threats.