Compromised data includes customer account numbers, email addresses and passwords.
Customer information including email addresses, account numbers and passwords related to more than one million GoDaddy users was exposed in a data breach, the company said in a Monday regulatory filing.
According to the web hosting company’s Securities and Exchange Commission notification, the breach affected users of WordPress, a web-based content management system used by bloggers and websites. The systems were first compromised on Sept. 6 when an unauthorized person used a stolen password to gain access, but the breach wasn’t discovered until Nov. 17.
The exposure of account passwords could put GoDaddy users at risk of having their accounts taken over by cybercriminals, while the compromise of the email addresses increases the odds that they’ll eventually be used in phishing attacks.
Up to 1.2 million active and inactive managed WordPress customers had their email addresses and customer account numbers exposed, GoDaddy said. In addition, original WordPress administrative passwords that were created during the account setup process were exposed. If those credentials were still in use, the company said it has reset them.
The sFTP and database usernames and passwords of active customers also were exposed. GoDaddy has since reset those, too. And the SSL private key of some customers was exposed. GoDaddy said it’s in the process of issuing and installing new certificates for those customers.
GoDaddy said its investigation remains ongoing and that it’s reaching out to affected customers. Customers can also reach the company directly through its online help center.