GoDaddy has announced that it had identified unauthorized access to its hosted WordPress hosting site. The incident led to the disclosure of email addresses and customer numbers of up to 1.2 million active and inactive WordPress Managed users.
Other information exposed to the violation includes WordPress administrator passwords set at the time of delivery, sFTP and website usernames and passwords, as well as private SSL keys.
GoDaddy systems apparently first received the hijackers on September 6, but the entry was only available on November 17th.
WordPress security company Defiant has learned that GoDaddy brands reselling Managed WordPress services are also affected by this incident. Most of the affected products were acquired by GoDaddy in 2017 through the acquisition of Host Europe Group.
Read More: Securityweek
For more such updates follow us on Google News ITsecuritywire News
