GoDaddy's Managed WordPress Breached!

November 23, 2021 - GoDaddy disclosed on Monday, November 22, that it discovered a data breach on November 17 that exposed data belonging to 1.2 million active and inactive customers of Managed WordPress.

The exposed details include:

  • email

  • customer ID

  • default WordPress admin password set when the account was first provisioned

  • SFTP and database usernames and passwords

  • SSL private keys (for a smaller subset of the 1.2 million customers)

GoDaddy has reset all passwords of affected customers and is in the process of issuing new SSL certificates for customers whose SSL private keys were impacted.



Based on GoDaddy's postmortem of the event, the hackers gained access to GoDaddy's provisioning system using a compromised password and remained undetected for over 70 days since Sept 6. This is the second high-profile breach at GoDaddy, after the earlier breach of SSH credentials of 28,000 customers back in May 2020.


Because email addresses were exposed in this breach, GoDaddy customers are advised to be more vigilant for future phishing attacks.