GoDaddy has made it official that a data breach has occurred on its database in September this year leaking email addresses to hackers that could lead to phishing attacks in the future.
Interestingly, hackers reportedly gained access to the domain registrar provider’s servers in September this year. But the unauthorized access could only be detected last week during a security audit, causing severe concerns to customers of the web hosting provider.
Web hosting company GoDaddy said in its statement that there is a high probability that the attack could have led to the information leak of over 1.2 million Word Press customers.
Cybersecurity Insiders has learnt from its sources that the fraudulent access was possible as the hackers exploited a password of one of the employee having admin level privileges to the GoDaddy WordPress database.
Demetrius Commes, the CEO of GoDaddy, admitted the occurrence of the incident in the November 22nd, 2021 SEC filing and assured that his company’s IT staff will try their best to avoid such digital embarrassments in the future.
As a precautionary measure, the company reset all passwords accessing the database through Secure File Transfer Protocol and chose to install new certificates to customers whose SSL private keys were also stolen.
Note- A Phishing Attack is a kind of social engineering attack where hackers try to send fake communication through email and try to make the communication medium as legitimate. It is usually done to dupe victims into opening an email or a phone message and make them click on malicious links, thereafter leading to scams such as stealing of user data, including that of login credentials and credit card numbers.