Skip to content

1.2 million email addresses leaked in GoDaddy’s latest breach

GoDaddy suffered a massive data breach that gave the attacker access to over 1.2 million email addresses coming from active and inactive Managed WordPress users. The company disclosed the breach in the SEC filing on Monday. 

The attacker gained access to a system meant to set up and automatically configure new sites in their legacy codebase for Managed WordPress using a “compromised password.” GoDaddy noticed the intrusion on November 17 and locked the attacker out before contacting law investigation and launching their investigation with the help of an unnamed IT forensic firm. 

GoDaddy says that their “investigation is ongoing, and we are contacting all impacted customers directly with specific details.” However, the company has been somewhat vague in its description of the attack so far.

In the News: MediaTek announces the Dimensity 9000, its most powerful SoC yet


Another bug in the closet?

While the intrusion may have been detected on November 17, an initial investigation has revealed that the attacker had access to the data since September 6. According to the filed disclosure, the following customer information has been leaked.

  • Up to 1.2 million active and inactive Managed WordPress users’ email addresses and customer numbers.
  • Original WordPress admin password set up at the time of provisioning the site. 
  • sFTP and database credentials for active users.
  • SSL private keys for a subset of active customers. 

As mentioned before, there have been no details on how the hack actually took place except that the attacker gained access to GoDaddy’s provisioning system in their legacy code base for Managed WordPress using a compromised password.

How this password was compromised and how was the attack carried out will only become clear as the company proceeds with its investigation and publishes further details. As for the potential consequences of such a large breach, these 1.2 million email addresses could be a hunting ground for phishers and scammers.

In the News: No default end-to-end encryption for Messenger and Instagram until 2023

Hello There!

If you like what you read, please support our publication by sharing it with your friends, family and colleagues. We're an ad-supported publication. So, if you're running an Adblocker, we humbly request you to whitelist us.

Share on facebook
Share on whatsapp
Share on twitter
Share on reddit
Share on linkedin
Share on pocket
Share on pinterest
Share on telegram
Share on stumbleupon
Share on digg
Share on tumblr
Share on email
Share on skype
Share on xing
Share on vk
Share on odnoklassniki
Share on mix








>