GoDaddy’s Latest Breach Affects 1.2M Customers

The kingpin domain registrar has logged its fifth cyber-incident since 2018, after an attacker with a compromised password stole email addresses, SSH keys and database logins.

Web-hosting giant GoDaddy has confirmed another data breach, this time affecting at least 1.2 million of its customers.

On Monday, the world’s largest domain registrar said in a public filing to the SEC that an “unauthorized third party” managed to infiltrate its systems on Sept. 6 – and that the person(s) had continued access for almost two and a half months before GoDaddy noticed the breach on Nov. 17.

“We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement,” Demetrius Comes, GoDaddy CISO, said in the website notice.

Specifically, the attackers compromised GoDaddy’s Managed WordPress hosting environment – a site-building service that allows companies and individuals to use the popular WordPress content management system (CMS) in a hosted environment, without having to manage and update it themselves.

“Using a compromised password, an unauthorized third party accessed the provisioning system in our legacy code base for Managed WordPress,” according to Comes.

The information the

Read More: https://threatpost.com/godaddys-latest-breach-customers/176530/