GoDaddy data breach exposes information from over 1 million people

From CNET: Customer information including email addresses, account numbers and passwords related to more than one million GoDaddy users was exposed in a data breach, the company said in a Monday regulatory filing.

According to the web hosting company's Securities and Exchange Commission notification, the breach affected users of WordPress, a web-based content management system used by bloggers and websites. The systems were first compromised on Sept. 6 when an unauthorized person used a stolen password to gain access, but the breach wasn't discovered until Nov. 17.

The exposure of account passwords could put GoDaddy users at risk of having their accounts taken over by cybercriminals, while the compromise of the email addresses increases the odds that they'll eventually be used in phishing attacks.

Up to 1.2 million active and inactive managed WordPress customers had their email addresses and customer account numbers exposed, GoDaddy said. In addition, original WordPress administrative passwords that were created during the account setup process were exposed. If those credentials were still in use, the company said it has reset them

View: Full Article