GoDaddy WordPress Breach: What to Know

More than a week ago, web hosting giant GoDaddy filed a data breach incident with the Securities and Exchange Commission (SEC), reporting that data on more than one million active and inactive customers may have been accessed. Headquartered in Tempe, Arizona, GoDaddy has more than 20 million customers worldwide.

According to Demetrius Comes, GoDaddy’s Chief Information Security Officer, the company discovered unauthorized access to the systems where it hosts and manages its customers’ WordPress servers. WordPress is a web-based content management system that millions of people use to create blogs and websites. Customers can host and manage their own WordPress installations on GoDaddy’s hosting environment; however, as this recent security incident indicates, it’s critical that key cybersecurity precautions are employed.

When the Data Breach Occurred

According to the web hosting provider, on or around September 6, an unauthorized person used a compromised password to gain access to GoDaddy’s systems. On November 17, it discovered the data breach. It’s unclear whether the compromised password was protected by two-factor authentication.

The breach, according to the SEC filing, affects 1.2 million active and inactive managed WordPress customers, whose personal data, such as email addresses and customer numbers, were exposed. GoDaddy said this exposure may put users at greater risk of phishing attacks. Phishing occurs when attackers send malicious emails designed to dupe people into falling for a scam, with the goal of obtaining financial information and other personal data from the target.

Stored SFTP Passwords Exposed

Original WordPress admin passwords created when the content management system was first installed, which could be used to access a customer’s WordPress server, were also exposed, according to GoDaddy.

The breach exposed active customers’ SFTP credentials (for secure file transfer protocol) as well as the usernames and passwords for their WordPress databases, which store all of the user’s content. In some cases, an SSL private key was stolen, which could allow an attacker to impersonate a customer’s website or services if abused.

GoDaddy’s IT forensics firm has reset customer WordPress passwords and private keys and is in the process of issuing new SSL certificates, according to the company.

Mitigating Risk: Protecting Your Server Against A Security Incident

With our Agency Tsunami program, Neilson Marketing Services provides insurance agencies, wholesalers, Program Administrators, and MGAs with website services ranging from copywriting to design, development, hosting and branded blog content. The majority of our clients rely on us to provide a secure, managed WordPress hosting environment in lieu of hosting their site themselves or with a company like GoDaddy.

Our Server Hosting Ecosystem

Our high-performance server hosting ecosystem is privately managed and decentralized and has been designed with cybersecurity in mind. The following measures are in place in our server environment to mitigate the risks of cyberattacks:

• Provides SSL security with end-to-end encryption to help prevent unauthorized third-party access

• Prevents hacks and attacks

• Virtually eliminates vulnerabilities

• Guards against application-layer attacks such as DDoS, cross-site scripting (XSS), SQL injection, and cookie poisoning

• Safeguards against brute force attacks on login pages, which are one of the most vulnerable points on any website

• Prevents critical threats as documented by the nonprofit organization Open Web Application Security Project (OWASP) via our Web Application Firewall (WAF)

• Mitigates Distributed Denial-of-Service (DDoS) attacks via our WAF

• Provides real-time alerts for quick responses to any potential issues

• Regularly updates and monitors sites 24/7/365

If you have any questions about your website and keeping it cyber-secure, including the need for a managed WordPress hosting environment, please reach out to us.
