Over a million WordPress sites breached


WordPress is much more than blogs. It works on more than 42% of all websites. So whenever there is a WordPress security flaw, it’s a big deal. And now GoDaddy, which is the world’s leading web hosting company with tens of millions more sites than its competition, is reporting that data has been exposed on 1.2 million of its WordPress clients. Best VPN Service 2021 Every remote worker should consider a virtual private network to stay safe online. Read More In a Securities and Exchange Commission (SEC) filing, GoDaddy Chief Information Security Officer (CISO) Demetrius Comes said they have discovered unauthorized access to their managed WordPress servers. To be exact, the leak opened information on 1.2 million active and inactive managed WordPress clients as of September 6, 2021. This managed service, according to WordPress, is an optimized and optimized hosting for the creation and administration of sites of WordPress. GoDaddy handles basic hosting administrative tasks such as WordPress installation, automated daily backups, WordPress core updates, and server-level caching. These plans start at $ 6.99 per month. Customers had both their email addresses and customer numbers exposed. As a result, GoDaddy cautions users that this exposure can put users at greater risk of phishing attacks. The web host also said that the original WordPress admin password, created when WordPress was first installed, has also been exposed. So if you never changed that password, hackers have been accessing your website for months. Additionally, active clients had their database and SFTP usernames and passwords exposed. GoDaddy has reset both passwords. Finally, some active clients had their Secure-Socket Layer (SSL) private key exposed. GoDaddy is reissuing and installing new certificates for those clients. WordFence, a WordPress security company, says in their report: “It appears that GoDaddy stored sFTP credentials as plain text or in a format that could be reversed to plain text. They did this instead of using a salty hash or key which are considered industry best practices for sFTP. This allowed an attacker to directly access password credentials without cracking them. ” GoDaddy has announced that its investigation is ongoing. The company is communicating directly with all affected customers with specific details. Customers can also contact GoDaddy through its Help Center. This site includes the phone numbers of users in the affected countries. Right now, that’s all the information GoDaddy has released about the breach. Related stories:

Source Link



Crytocurrency,16,Deals/Offers,11,Digital Marketing & SEO,19,Education,25,Finance,117,Hosting,1751,Insurance,48,Loan,10,Mortgage,29,Reviews,29,Shopping,42,Software & Apps,1829,Trading,14,Travel,16,Web Development,23,
Viralrook: Over a million WordPress sites breached
Over a million WordPress sites breached
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share to a social network STEP 2: Click the link on your social network Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy Table of Content