TechllogTechllog
  • Entertainment
  • Life Hacks
  • Social Media
  • Technology
Facebook Twitter Instagram
TechllogTechllog
  • Entertainment
  • Life Hacks
  • Social Media
  • Technology
TechllogTechllog
Technology

GoDaddy Reports Data Breach: Impacted Customer Data from 1.2 Million Individuals

Elena MichaelsBy Elena MichaelsJuly 17, 2022Updated:July 17, 2022No Comments5 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
GoDaddy Reports Data Breach
Share
Facebook Twitter LinkedIn Pinterest Email

What’s Going On?

GoDaddy reported the breach to the Securities and Exchange Commission (SEC) on November 17, revealing that suspicious activity in its managed WordPress hosting environment was observed on that date. Using a stolen password, an unauthorised third-party obtained access to the Managed WordPress environment on September 6 and remained there until November 17 for nearly 70 days, according to the investigation.

Email addresses and customer numbers linked to WordPress accounts; the original WordPress admin password set at account provisioning; SSH File Transfer Protocol (SFTP) and database usernames and passwords; and SSL private keys for a subset of active customers were all exposed in the breach, according to GoDaddy’s report.

Immediately upon the discovery of the compromise, GoDaddy reset all affected SFTP and database passwords, and is currently providing and installing new SSL certificates for those customers who were affected.

Please accept our heartfelt apologies for the inconvenience this has caused our clients.” Our provisioning system will be strengthened with extra levels of protection as a result of our lessons learned from this occurrence, according to the statement.

Also Read: How to Make a Quality Website: Make a Great Website that Can Transform Your Business

Hackers Could Use Stolen Data in A Variety of Ways:

GoDaddy Reports Data Breach

Customers of GoDaddy may suffer long-term effects as a result of the security compromise. There is a considerable risk of phishing attacks when email addresses are made public.

To gain control of WordPress sites, criminal hackers might exploit compromised passwords to implant malware or engage in identity theft and fraud operations.

They might even be able to extort money from the owner of a domain name by encrypting it with the stolen SSL key. Client-server communication might be intercepted, clients could be scammed, and corporate websites could be altered.

What Should Be Done by The Impacted Companies to Minimise the Damage?

Rapid incident response can save a company’s bacon in the event of a breach. Revocation and reissue of compromised digital certificates must be carried out immediately by companies affected by the breach. WordPress administrators should assume they have been compromised and should revoke and reissue all certificates to be on the safe side.

It will take some time for GoDaddy to update all of the new SSL certificates.” For this reason, GoDaddy customers should verify that their certificates have been updated and change their SFTP access passwords to new and unique digits, letters, and symbols to mitigate current vulnerabilities.

If you want to keep your certificates and keys secure, you need to have cryptographic agility,” explains Murali Palanisamy, the Chief Solutions Officer for AppViewX.

Using short-lived digital certificates, he says, will reduce the amount of time attackers have to abuse certificates in the event of a breach.

When compared to standard certificates, short-lived certificates have a validity period of 90 days, which can be shortened further to 30 days if necessary, unlike the regular 1-year validity period. If the keys are stolen, attackers will have little time to devise and execute sophisticated assaults because of the short timescale.

One of the most essential takeaways from the GoDaddy hack is the value and necessity of automating Certificate Lifecycle Management (CLM). Today’s internet security relies heavily on digital certificates, which serve as identifiers. Data breaches can be prevented if they are managed and protected effectively.

PKI teams can quickly and easily revoke and reissue hundreds of thousands of certificates using an automated CLM system. As a result, hackers have more time to exploit a compromised certificate when this process is done manually.

Automated CLM systems also provide enterprises with crypto-agility, a critical skill that helps quickly convert from weak to safer crypto standards in the case of a break-in in order to limit the damage caused by the breach.

Automated solutions can also be used to develop and implement stringent security policies for certificates and keys, as well as establish role-based access control for the most secure environment possible.

GoDaddy Reports Data Breach

In order to assist companies become more proactive in their approach to corporate security, CLM automation combines the best of operational comfort and security.

Also Read: 1337x Proxy Websites: What They Are and How to Use Them

Onward and Upward

More than 20 million people use GoDaddy’s services worldwide. The loss of client confidence will be the most costly consequence of GoDaddy’s data leak, given that customers are becoming increasingly cyber-aware and making security-conscious choices.

Identity-based assaults have been steadily increasing in recent months, and the theft of the SSL key is one of the most recent examples. Millions of businesses around the world use SSL certificates to safeguard their digital operations on the internet.

Digital identities are as important as human ones and must be protected as a key concern for enterprises. Using an automated tool can allow you to accomplish more with fewer resources.

Investing in an end-to-end automation solution will provide significant insight into the certificate and encryption key infrastructure, which will assist prevent certificate-related events.

For More Information Visit Our Site : https://www.techllog.com/

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Elena Michaels

Related Posts

The Pixel Watch Can Also Be Turned Off when It Gets Too Hot!

June 5, 2023

Google Says that A.I. Makes Your Phone’s Gmail a Lot Faster Now!

June 3, 2023

The Whats App Video Call Feature Could Soon Let You Share Your Screen!

May 30, 2023

How to Sign Up for Google’s New AI Search Engine?

May 26, 2023
Add A Comment

Leave A Reply Cancel Reply

Recent Posts

  • Diving Into New Features for Apple TV, AirPods and HomePod
  • 13 Best iOS 17 Features: Live Voicemail, NameDrop, Journal App and More
  • Apple M2 Ultra: Everything you Need to Know
  • The Pixel Watch Can Also Be Turned Off when It Gets Too Hot!
  • Google Says that A.I. Makes Your Phone’s Gmail a Lot Faster Now!

Categories

  • Apps
  • Business
  • Cannabis
  • Download Firmware
  • Entertainment
  • Life Hacks
  • Online Dating
  • Other
  • Social Media
  • Technology
  • Tips
  • Uncategorized
About Us
About Us

Welcome to Techllog, your ultimate source for all things technology. Since our inception in 2017, we have been dedicated to providing the latest and greatest information in the tech world to our readers.

Facebook Twitter Instagram Pinterest
Latest Posts

Diving Into New Features for Apple TV, AirPods and HomePod

June 5, 2023

13 Best iOS 17 Features: Live Voicemail, NameDrop, Journal App and More

June 5, 2023

Apple M2 Ultra: Everything you Need to Know

June 5, 2023
Connect With Us
© 2023 Techllog.com
  • About Us
  • Contact Us
  • Editorial & Standard Policy
  • Privacy Policy
  • Fact Checking Policy
  • Terms And Conditions
  • DMCA
  • Meet Our Team
  • Write For Us

Type above and press Enter to search. Press Esc to cancel.