GoDaddy is a giant internet infrastructure company which offers services to internet businesses. On November 22,2021 the company released a statement that a hacker was able to get hold of 1.2 million WordPress site owners who use their services.
The investigation that followed, revealed that the hacker had access to this information since atleast September 6 making it a grievous oversight.
The users have their email addresses and passwords exposed for more than 2 months. Additionally, the SSl private key and sFTP databases were also available to the hacker.
In order to minimise damage, GoDaddy immediately reset its servers and admin passwords for those affected by the hack.
The company is still installing new SSL certificates for those hacked. Users have also been updated about the situation. “We are sincerely sorry for this incident and the concern it causes for our customers,” said Demetrius Comes, Chief Information Security Officer at GoDaddy.
This is the company’s second data breach in two years.