GoDaddy breach widens to include reseller subsidiaries
123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple, and tsoHost also affected
The recent GoDaddy breach which affected 1.2 million customers has now widened to include subsidiaries that resell the firm’s Managed WordPress offering.
The hosting company has revealed that the companies are 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple and tsoHost.
GoDaddy confirmed to Wordfence that several of the resellers’ customers have been affected by the attack, which is said to have exposed email addresses, customer numbers, administrative login details, and even SSL private keys since it began.
The hosting giant stopped short of confirming how many additional users have now been affected, however.
“The GoDaddy brands that resell GoDaddy Managed WordPress are 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple, and tsoHost,” Dan Rice, vice president of corporate communications at GoDaddy, revealed to Wordfence.
“A small number of active and inactive Managed WordPress users at those brands were impacted by the security incident. No other brands are impacted. Those brands have already contacted their respective customers with specific detail and recommended action.”
As reported by our sister website ITPro, GoDaddy revealed in a public filing to the SEC that an intruder had gained entry to its Managed WordPress hosting environment on Nov 17, having used a stolen password to access the provisioning system for the service.
The company disclosed that up to 1.2 million active and former users of its managed service had their email addresses and company numbers exposed. It also had to reset passwords after sFTP and database usernames and passwords were also stolen.
Additionally, GoDaddy is currently issuing new certificates for a “subset of active customers” that had their SSL private keys exposed.
It was also discovered that the attacker had been inside the system since September 6, equating to more than two months of access to the data.
"We are sincerely sorry for this incident and the concern it causes for our customers," the company said in its filing. "We, GoDaddy leadership and employees, take our responsibility to protect our customers’ data very seriously and never want to let them down.
“We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection."
Activation playbook: Deliver data that powers impactful, game-changing campaigns
Bringing together data and technology to drive better business outcomesFree Download
In unpredictable times, a data strategy is key
Data processes are crucial to guide decisions and drive business growthFree Download
Achieving resiliency with Everything-as-a-Service (XAAS)
Transforming the enterprise IT landscapeFree Download
What is contextual analytics?
Creating more customer value in HR software applicationsFree Download