In September 2021, over 1 million GoDaddy customers suffered a data breach.
Security researchers explained that the breach happened due to inadequate protection.
According to GoDaddy’s statement, their WordPress Managed Hosting affected customers have had their passwords changed.
However, changing passwords will not solve all the problems hackers left behind, which means that up to 1.2 million GoDaddy hosting customers may still be at risk.
According to GoDaddy’s investigation, the attack started on September 6, 2021, and was only discovered two months later, on November 17, and GoDaddy notified the US Security and Exchange Commission (SEC) on November 22, 2021.
According to the report to the SEC, the data breach was caused by a compromised password in their provisioning system.
Wordfence security researchers discovered that GoDaddy’s Managed WordPress hosting stored sFTP usernames and passwords in a way that was not compliant with industry best practices. The usernames and passwords were saved in an unencrypted plain text format, according to Wordfence security experts, allowing a hacker to grab usernames and passwords quickly.
In addition to GoDaddy, a data breach was detected at six other web hosts. The six new compromised web hosts are resellers of GoDaddy’s hosting services.
Customers of the additional six web hosting providers may face further security issues considering their data was undetected for two months.
The hackers could additionally pick up control on sites that had not changed their default admin password, but it would be easier for them to use their sFTP and database access to do so basically. It will be easier to end online scams and website tracking with web-filtering technologies and anti-spam email tools installed on your devices.
Wordfence advises, if your website is managed by GoDaddy or the other six compromised web hosts, you should change all of your WordPress passwords, enable 2-factor authentication, check for unauthorized administrator accounts, scan your site for malware and be on the lookout for suspicious emails – phishing risk.