An American publicly traded Internet domain registrar and web hosting company, GoDaddy has reported a data breach and warns that data on 1.2 million customers have been accessed, international media reported.
In a filing with the Securities and Exchange Commission, GoDaddy’s chief information security officer Demetrius Comes said the company detected unauthorized access to its systems where it hosts and manages its customers’ WordPress servers.
WordPress is a web-based content management system used by millions to set up blogs or websites. GoDaddy lets customers host their own WordPress installs on their servers.
The web hosting giant said the unauthorized person used a compromised password to get access to GoDaddy’s systems around September 6.
GoDaddy said it discovered the breach last week on November 17. It’s not clear if the compromised password was protected with two-factor authentication.
The filing said that the breach affects 1.2 million active and inactive managed WordPress users, who had their email addresses and customer numbers exposed.
GoDaddy said this exposure could put users at greater risk of phishing attacks. The web host also said that the original WordPress admin password created when WordPress was first installed, which could be used to access a customer’s WordPress server, was also exposed.
The company said that active customers had their sFTP credentials (for file transfers), and the usernames and passwords for their WordPress databases, which store all the user’s content, exposed in the breach.
In some cases, the customer’s SSL (HTTPS) private key was exposed, which if abused could allow an attacker to impersonate a customer’s website or services.
The web host has more than 20 million customers worldwide.