GoDaddy WordPress Hosting breach - 2021 edition
https://www.wordfence.com/blog/2021/11/godaddy-breach-plaintext-passwords/
Excerpt
What did the attacker have access to?
The SEC filing indicates that the attacker had access to user email addresses and customer numbers, the original WordPress Admin password that was set at the time of provisioning, and SSL private keys. All of these could be of use to an attacker, but one item, in particular, stands out:
During the period from September 6, 2021, to November 17, 2021, the sFTP and database usernames and passwords of active customers were accessible to the attacker.
GoDaddy stored sFTP passwords in such a way that the plaintext versions of the passwords could be retrieved, rather than storing salted hashes of these passwords, or providing public key authentication, which are both industry best practices.
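The difference the excerpt describes, retrievable storage versus salted hashes, as an added Python example that is not part of the original post or the Wordfence article. The page does not say how the passwords were actually stored, so base64 stands in here for any reversible scheme; PBKDF2-HMAC-SHA256, the iteration count, the `salt$hash` record format and the sample password are all assumptions of this example.

```python
import base64
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (value assumed for this example)

def store_reversible(password: str) -> str:
    # Weak pattern: base64 stands in for any storage that can be reversed.
    return base64.b64encode(password.encode()).decode()

def recover_reversible(stored: str) -> str:
    # Anyone who can read the stored value gets the password back.
    return base64.b64decode(stored).decode()

def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=32)

def hash_password(password: str) -> str:
    # A fresh random salt per password: equal passwords get different records.
    salt = secrets.token_bytes(16)
    return f"{salt.hex()}${_derive(password, salt).hex()}"

def verify_password(password: str, record: str) -> bool:
    # Parse the "salt$hash" record (format made up for this example).
    try:
        salt_hex, digest_hex = record.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
    except ValueError:
        return False  # malformed record: fail closed
    if len(salt) != 16 or len(expected) != 32:
        return False
    # Constant-time comparison of the recomputed hash with the stored one.
    return hmac.compare_digest(_derive(password, salt), expected)

if __name__ == "__main__":
    pw = "constructed-sftp-password"  # constructed sample value
    print("reversible store leaks:", recover_reversible(store_reversible(pw)))
    record = hash_password(pw)
    print("hashed record:", record)
    print("correct login:", verify_password(pw, record))
    print("wrong login:", verify_password("guess", record))
```

With the hashed record, a login is checked by recomputing the hash from the submitted password, so the service never needs to hold anything it could turn back into the password.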
Comments
Daddy done fucked up now
early blackfriday deal
I moved all of my clients away from it a long time ago, seems like the best decision yet
Breach was much wider:
Sub brands of Godaddy also affected:
https://www.wordfence.com/blog/2021/11/godaddy-tsohost-mediatemple-123reg-domain-factory-heart-internet-host-europe/