GoDaddy Announces User Data Breach: Exposes The Reality of Unmanaged ‘Security’
In a recent no-so-shocking incident, Web hosting giant GoDaddy reported a massive data breach that attacked over 1.2 Million user accounts, putting their personal information at risk.
GoDaddy Data Breach – The Complete Story
The company spokesperson on Monday, November 22nd, announced that they have discovered a data leak, which exposed the personal data of about 1.2M users. The company filed the incident with the US Securities and Exchange Commission (SEC). The filing said that the web hosting giant uncovered unauthorized third-party access to its Managed WordPress Hosting Environment on November 17th. It was since then the company started investigating the incident. The filing also stated that the intruders used a “compromised password” to access the “provisioning system in the legacy code base for Managed WordPress.”
GoDaddy reports the exposure of email addresses and client numbers of inactive and active users who used their Managed WordPress hosting services. The hosting giant is suspecting phishing attacks on the exposed email data.
While the investigation is still on, GoDaddy has already taken necessary measures to prevent further risks in future:
- The original WordPress Admin password has been changed by the GoDaddy authorities.
- Working on issuing and installing new SSL certificates for the affected customers.
- Reset sFTP and database usernames and passwords that were earlier made public for active clients.
The company is reaching out to the impacted customers with specific details. It has also requested customers to contact the company help center.
GoDaddy Data Breach: Is User Data Security Even Secure?
While the web hosting giant has already taken actions to prevent further threats, the incident has put in question the security of users and the huge amount of confidential data stored on such servers. Users and industry experts have condemned the entire incident and expressed great disappointment to the hosting giant through their tweets and comments.
Check out what our industry leaders said about the data leak incident:
Here is the audience take on:
Phishing attacks like this are no new! Hosting service providers have been reporting such incidences earlier. But the point here is, how long will the customers have to suffer, and do “complete data security” even exist? Both the user trust and money are put at stake when giants like GoDaddy fail to keep their promise of protecting user data. It’s hard time that big players should focus on reconsidering their security measures and take the best actions to protect their users’ trust.