GoDaddy Suffers Data Breach of 1.2 million customers. Nowadays all digital companies are trying to store their data more securely. All companies make sure that their data and their customer’s data will be safe and secure. On the other hand, some hackers are trying to steal it. And somehow they managed to hack the system to get sensitive and confidential data.
How GoDaddy Suffers Data Breach?
Now, one of the most popular web hosting platforms GoDaddy suffers Data breach. As per information, the data breach exposed the email addresses and contact numbers of nearly 1.2 million customers. Before GoDaddy, you must have heard about data breaches at Facebook, Twitch, and Acer. GoDaddy reported that there was an unauthorized third party who was able to gain access to their hosting platform.
GoDaddy’s Data Breach reported “this hack exposed admin password for both WordPress sites hosted on the platform and passwords for sFTPs, databases, and SSL private keys”. On November 22, 2021, GoDaddy informed the United States Security and Exchange Commission (SEC) that they suffer from the data breach.
After investigation, they came to know that this started on September 6, 2021, and discovered it after two months. According to the SEC, this happened due to compromised passwords in their provisioning system. It is the process of setting up customers with their new hosting services.
Data breach exposed GoDaddy’s,
- Customer numbers.
- Secure FTP (sFTP) usernames and passwords.
- Email addresses.
- SSL private keys.
- Database usernames and passwords.
- Original WordPress administrator-level passwords.
GoDaddy described it as an act of vulnerability. This simply means the weakness or flaw in their software coding.
However the root cause, GoDaddy suffers data breach was the usernames and passwords that were stored in unencrypted plain text, which was easy for the hackers to get all the usernames and passwords.
After this incident, the authorities of GoDaddy apologized to its customers for the data breach. They also started contacting affected customers directly to inform them about the data breach.