Written by AJ Vicens
Nov 22, 2021 | CYBERSCOOP
Data connected with up to 1.2 million GoDaddy customers may have been accessed by an unauthorized party, the company reported to the U.S. Securities and Exhcnage Commission Monday.
GoDaddy, a behemoth in the commercial web hosting and domain registrar space, reported that it discovered the apparent intrusion on Nov. 17, and that the improper access dated back to Sept. 6.
Using a compromised password, an unknown party accessed a GoDaddy system dedicated to managed WordPress services, where the company offers customers hosting and other content management features. Up to 1.2 million active and inactive customers’ email addresses and customer numbers were exposed, which could set them up for phishing attacks, Demetrius Comes, the company’s chief information security officer, wrote in the notice.
“We are sincerely sorry for this incident and the concern it causes for our customers,” Comes wrote. “We, GoDaddy leadership and employees, take our responsibility to protect customers’ data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.”
The active customers’ data included database usernames and passwords, and