image
Web-hosting giant GoDaddy has confirmed another data breach, this time affecting at least 1.2 million of its customers. On Monday, the world’s largest domain registrar said in a public filing to the SEC that an “unauthorized third party” managed to infiltrate its systems on Sept. 6 – and that the person(s) had continued access for almost two and a half months before GoDaddy noticed the breach on Nov. 17. “We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement,” Demetrius Comes, GoDaddy CISO, said in the website notice. Specifically, the attackers compromised GoDaddy’s Managed WordPress hosting environment – a site-building service that allows companies and individuals to use the popular WordPress content management system (CMS) in a hosted environment, without having to manage and update it themselves. “Using a compromised password, an unauthorized third party accessed the provisioning system in our legacy code base for Managed WordPress,” according to Comes. The information the lurking cybercriminal(s) was/were able to purloin is a mixed bag. The Scottsdale, Ariz.-based firm said that it included: Emails and customer numbers for 1.2 million active and inactive Managed WordPress customers sFTP and database usernames and passwords for active customers (passwords are now reset) SSL private keys “for a subset of active customers,” used to…

Source