Groups Similar Look up By Text Browse About



Similar articles
Article Id Title Prob Score Similar Compare
220965 TECHREPUBLIC 2021-11-22:
GoDaddy security breach impacts more than 1 million WordPress users
1.000 Find similar Compare side-by-side
221000 ZDNET 2021-11-22:
Over a million WordPress sites breached
0.966 0.641 Find similar Compare side-by-side
221019 ZDNET 2021-11-22:
Data from millions of Brazilians exposed in Wi-Fi management software firm leak
0.016 0.454 Find similar Compare side-by-side
220984 ZDNET 2021-11-23:
TIO wants telcos to have 24-hour fraud hotline
0.396 Find similar Compare side-by-side
220831 ZDNET 2021-11-22:
Hackers used this software flaw to steal credit card details from thousands of online retailers
0.382 Find similar Compare side-by-side
221091 VENTUREBEAT 2021-11-24:
Cloud security shifting to ‘dev’ not ‘ops,’ Snyk says
0.330 Find similar Compare side-by-side
221004 TECHREPUBLIC 2021-11-19:
8 advanced threats Kaspersky predicts for 2022
0.309 Find similar Compare side-by-side
220989 VENTUREBEAT 2021-11-19:
API security ‘arms race’ heats up
0.302 Find similar Compare side-by-side
221010 VENTUREBEAT 2021-11-23:
No-code conversational sales solutions provider Whatslly gets $11M
0.294 Find similar Compare side-by-side
221026 ZDNET 2021-11-23:
Code execution bug patched in Imunify360 Linux server security suite
0.286 Find similar Compare side-by-side
221027 ZDNET 2021-11-23:
Suspect arrested in 'ransom your employer' criminal scheme
0.284 Find similar Compare side-by-side
220844 VENTUREBEAT 2021-11-23:
Why an emerging cloud security trend offers ‘good news’ to businesses
0.283 Find similar Compare side-by-side
221066 ZDNET 2021-11-23:
Ethical Hacking, book review: A hands-on guide for would-be security professionals
0.282 Find similar Compare side-by-side
220879 VENTUREBEAT 2021-11-21:
Webhooks provider Svix snags $2.6M to simplify software management
0.274 Find similar Compare side-by-side
220655 ZDNET 2021-11-19:
Microsoft warning: Now Iran's hackers are attacking IT companies, too
0.266 Find similar Compare side-by-side
221081 ZDNET 2021-11-23:
Telstra's biggest cyber worry is businesses with basic single vendor environments
0.265 Find similar Compare side-by-side
220853 TECHREPUBLIC 2021-11-23:
US government warns of increased ransomware threats during Thanksgiving
0.262 Find similar Compare side-by-side
220940 VENTUREBEAT 2021-11-22:
Cyber insurance firm Resilience raises $80M to aid battle against ransomware
0.261 Find similar Compare side-by-side
220937 VENTUREBEAT 2021-11-22:
How Nvidia aims to demystify zero trust security
0.260 Find similar Compare side-by-side
220823 ZDNET 2021-11-23:
Ransomware warning: Hackers see holidays and weekends as a great time to attack
0.260 Find similar Compare side-by-side
221022 TECHREPUBLIC 2021-11-22:
Leaders agree that cybersecurity is a business risk, but are they acting on that belief?
0.259 Find similar Compare side-by-side
220994 VENTUREBEAT 2021-11-19:
Report: 70% of IT pros say security hygiene has gotten harder over past two years
0.259 Find similar Compare side-by-side
220968 VENTUREBEAT 2021-11-23:
Zenity raises $5M for low-code/no-code security
0.258 Find similar Compare side-by-side
220934 ARSTECHNICA 2021-11-20:
Locked out of “God mode,” runners are hacking their treadmills
0.257 Find similar Compare side-by-side
221024 ZDNET 2021-11-23:
TechOne readies to reap rewards as on-prem customers transition to SaaS ERP platform
0.256 Find similar Compare side-by-side

1

ID: 220965

URL: https://www.techrepublic.com/article/godaddy-security-breach-impacts-more-than-1-million-wordpress-users/

Date: 2021-11-22

GoDaddy security breach impacts more than 1 million WordPress users

GoDaddy has been on the receiving end of a security breach that has affected the accounts of more than 1 million of its WordPress customers. In a Monday filing with the Securities and Exchange Commission, Chief Information Security Officer Demetrius Comes said that on Nov. 17, 2021, the hosting company discovered unauthorizing access by a third party to its Managed WordPress hosting environment. After contacting law enforcement officials and investigating the incident with an IT forensics firm, GoDaddy found that the third party used a compromised password to access the provisioning system in its legacy code base for Managed WordPress. (TechRepublic Premium). The breach led to a number of issues that have hit customers and forced the company to react. First, the email addresses and customer numbers were exposed for 1.2 million active and inactive Managed WordPress customers. Second, the original WordPress Admin passwords set at the time of provisioning were exposed, requiring GoDaddy to reset them. Third, the sFTP (Secure File Transfer Protocol) and database usernames and passwords were compromised, forcing GoDaddy to reset those as well. Fourth, the SSL private key was exposed for a certain number of active customers. The company said that it's currently setting up new SSL certificates for those customers. After learning about the breach, Comes said that GoDaddy blocked the third party from its system. However, the attacker had already been using the compromised password since Sept. 6, giving them more than two months to do damage before they were discovered. "GoDaddy is a $3.3B company who you can assume has a large investment in cybersecurity, yet they still had an adversary in their environment for 72 days," said Ian McShane, field CTO for Arctic Wolf. "While it's often said that the mean time to detection numbers are inflated ( 208 in the latest Ponemon [study] ) and do not reflect the reality of a non-nation state attacker, this person managed to avoid being caught for two months." GoDaddy offers Managed WordPress hosting for customers who want to create and manage their own WordPress blogs and websites. The " managed" part of the equation means that GoDaddy handles all the basic administrative chores, such as installing and updating WordPress and backing up hosted sites. The provisioning system for WordPress legacy code points to code that must be maintained for the product to be backward compatible. Password breach: Why pop culture and passwords don't mix (free PDF). (TechRepublic). The investigation is ongoing, according to Comes, who said that the company is alerting all affected customers with more details. Apologizing for the breach, Comes promised that GoDaddy would learn from the incident, starting with the company now improving its provisioning system with more layers of protection. "Any breach is unfortunate, especially where over a million customer records have been potentially compromised," said Javvad Malik, security awareness advocate for KnowBe4. "Many individuals and small businesses rely on WordPress and GoDaddy to have a web presence, and this kind of breach can have a major impact." While expressing concerns that the attacker was in GoDaddy's server for more than two months, Malik praised the company for its response. "The company has reset exposed sFTP, database and admin user passwords and is installing new SSL certificates," Malik said. "In addition, the company contacted law enforcement, a forensics team, and notified customers. All of this is an ideal playbook from which other organizations could learn to better understand how to respond to a breach." However, the ramifications from this breach are still to be determined. With so many accounts compromised, cybercriminals will most certainly rush to exploit the stolen credentials and other data for new attacks. "The number of affected accounts—1.2 million—is so big that it feels like this would have been a lucrative ransomware opportunity, so there might be more to come from this story, particularly as we've seen more and more breaches devolve into ransomware and extortion sagas," McShane said. Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays