WordPress hosting customers handled by GoDaddy underwent a data breach, with an ongoing investigation and reset passwords.
The data breach was overlooked for over two months, and according to GoDaddy, the reason for this breach is on account of the substandard security, which didn’t meet the web hosting industry needs.
Despite the fact that the web hosting provider reset the passwords for their 1.2 million customers and sent out emails regarding this issue, the data breach will continue to affect them in every way.
As stated by GoDaddy, this data breach was due to vulnerability, which means that the company stored sFTP usernames and passwords in a way that didn’t match the best practices of the web hosting industry. Additionally, reports from security researchers from Wordfence show that the usernames and passwords were stored in a plain text approach, which was a clear way for hackers to acquire that data.
Official statements show that email addresses, customer numbers, original WordPress administrator level passwords, secure FTP (SFTP) usernames and passwords are just some of the few things exposed to the hackers.
Besides GoDaddy’s data breach, the latest reports indicate that six more web hosts serving providers were victims of the same breach and in the same period.
We can learn from these data breaches that modern hackers have much more control over the web nowadays than in the past. That is why we must take all precautionary security measures like a trustworthy VPN, two-factor authentications, encryption software, just to name a few.