banner
Nov 25, 2021
13 Views
0 0

GoDaddy data breach hits WordPress hosting services resellers

Written by
banner

Apple sues spyware-maker NSO Group, notifies iOS exploit targets
Mediatek eavesdropping bug impacts 30% of all Android smartphones
Stealthy new JavaScript malware infects Windows PCs with RATs
Hackers exploit Microsoft MSHTML bug to steal Google, Instagram creds
New CronRAT malware infects Linux systems using odd day cron jobs
Discord malware campaign targets crypto and NFT communities
Learn how to automate Windows with this $20 PowerShell bundle
Microsoft Defender for Endpoint fails to start on Windows Server
Qualys BrowserCheck
STOPDecrypter
AuroraDecrypter
FilesLockerDecrypter
AdwCleaner
ComboFix
RKill
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Toksearches.xyz Search Redirect
Remove the Smashapps.net Search Redirect
Remove the Smashappsearch.com Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
eLearning
IT Certification Courses
Gear + Gadgets
Security
GoDaddy data breach hits WordPress hosting services resellers
GoDaddy says the recently disclosed data breach affecting roughly 1.2 million customers has also hit multiple Managed WordPress services resellers.
According to Dan Rice, VP of Corporate Communications at GoDaddy, the six resellers also impacted by this massive breach are tsoHostMedia Temple123RegDomain FactoryHeart Internet, and Host Europe.
GoDaddy acquired these brands after buying web hosting and cloud services companies Host Europe Group in 2017 and Media Temple in 2013.
” A small number of active and inactive Managed WordPress users at those brands were impacted by the security incident,” Rice told WordPress security firm Wordfence.
“No other brands are impacted. Those brands have already contacted their respective customers with specific detail and recommended action.”
The data breach was discovered by GoDaddy last Wednesday, on November 17, but, as separately revealed in a Monday filing with the US Securities and Exchange Commission, the customers’ data was exposed since at least September 6, 2021, after unknown threat actors had access to the company’s Managed WordPress hosting environment.
“Our investigation is ongoing, but we have determined that, on or about September 6, 2021, an unauthorized third party gained access to certain authentication information for administrative services, specifically, your customer number and email address associated with your account; your WordPress Admin login set at inception; and your sFTP and database usernames and passwords,” GoDaddy told customers in data breach notification letters sent this week.
“What this means is the unauthorized party could have obtained the ability to access your Managed WordPress service and make changes to it, including to alter your website and the content stored on it.”
The attackers had access to the following GoDaddy customer information after breaching the company’s provisioning system for Managed WordPress:
GoDaddy has not yet published a public statement regarding this data breach on its website.
This is not the first data breach or cybersecurity incident the web hosting giant’s has disclosed in recent years.
Another breach was revealed last year, in May, when GoDaddy alerted customers that hackers used their web hosting account credentials to connect to their hosting account via SSH.
GoDaddy’s security team discovered the breach after finding an altered SSH file in the company’s hosting environment and noticing suspicious activity on a subset of GoDaddy’s servers.
In 2019, GoDaddy injected JavaScript into US customers’ sites without their knowledge, potentially rendering them inoperable or impacting the websites’ overall performance.
GoDaddy is one of the largest web hosting companies and domain registrars, providing services to over 20 million customers worldwide.
GoDaddy hack causes data breach affecting 1.2 million customers
Costco discloses data breach after finding credit card skimmer
SCUF Gaming store hacked to steal credit card info of 32,000 customers
Accenture confirms data breach after August ransomware attack
Twitch downplays this month’s hack, says it had minimal impact
Not a member yet? Register Now
Over nine million Android devices infected by info-stealing trojan
Malware now trying to exploit new Windows Installer zero-day
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.

source

Article Categories:
Cybersecurity News
banner

Comments are closed.