1.2 million Customer Accounts affected by GoDaddy Breach
Security Researchers have discovered that the Web hosting company GoDaddy has been hacked and 1.2 million customer accounts and user’s data has been accessed and exposed. Attackers gained access to the WordPress Admin passwords and the sFTP database username and password of active customers. Attackers also compromised SSL private keys and certificates. This could allow attackers to hijack a domain name and use it to extort ransom for its return. The leaked data includes sensitive personal information including: - Email address - Customer number - Admin passwords of WordPress - SSL private keys Recommendation Workaround:
It is recommended to reset your WordPress and GoDaddy password.
It is also recommended to use Multifactor Authentication.
It is recommended to remove previous SSL certificates/keys associated with GoDaddy products or services and install new ones.
Reference URL: https://www.sec.gov/Archives/edgar/data/1609711/000160971121000122/gddyblogpostnov222021.htm https://www.wordfence.com/blog/2021/11/godaddy-breach-plaintext-passwords