This week, news broke that GoDaddy had a major data breach back in September on their managed WordPress servers, affecting 1.2 million active and inactive WordPress sites that use GoDaddy for hosting, and according to ZDNet.com, the following data is what’s at risk:
Customers had both their email addresses and customer numbers exposed. As a result, GoDaddy warns users that this exposure can put users at greater risk of phishing attacks. The web host also said that the original WordPress admin password, created when WordPress was first installed, has also been exposed. So if you never changed that password, hackers have had access to your website for months.
In addition, active customers had their sFTP and database usernames and passwords exposed. GoDaddy has reset both these passwords. Finally, some active customers had their Secure-Socket Layer (SSL) private key exposed. GoDaddy is currently reissuing and installing new certificates for those customers.
If you’re wondering if your website was affected and would like to learn more about the data breach, click here to read the full article from ZDNet.com. As always, don’t hesitate to reach out to us if you have any additional questions or would like further recommendations.