GoDaddy Breached Today

GoDaddy Breached ALERT – 1.2M Affected – Plaintext Passwords

Managed WordPress via Godaddy Breached Today

This morning, Godaddy disclosed that an unknown hacker(s) gained unauthorized access to their systems that are used for Managed WordPress websites.

This breach affects up to 1.2 million users and WordPress customers. This number does not include all that were affected by this breach. Some Godaddy customers have multiple accounts.

Reported by Godaddy’s Filing with the SEC [1], the attacker(s) initially gained access via a compromised password on September 6, 2021, and was discovered on November 17, 2021. Access was then revoked for these users. Godaddy took immediate action to mitigate the damage but the attacker(s) had more than 2 months to establish a persistence so that anyone currently using Godaddy’s Managed WordPress products should assume they are compromised.

You should change your main Godaddy password now. Your WordPress Admin Passwords, FTP Passwords and Database Passwords.

It is recommended you then install Wordfence Security Plugin to scan your WordPress website for changes or file access.

Godaddy was storing sFTP password credentials in plaintext. This means that anyone could easily intercept and access the accounts with the passwords in plain view.

Read Full Article From Wordfence Here.

If you feel that your WordPress Website Has Been Hacked, contact After Dark Grafx at 1-888-578-8300 or via our contact page on our website.