Saijo George

Curated by Saijo George

Read more

wednesday24 Nov 2021

GoDaddy Breached – Plaintext Passwords – 1.2M Affected

https://www.wordfence.com

This morning, GoDaddy ( also impacts tsoHost, Media Temple, 123Reg, Domain Factory, Heart Internet, and Host Europe) disclosed that an unknown attacker had gained unauthorized access to the system used to provision the company’s Managed WordPress sites, impacting up to 1.2 million of their WordPress customers. Note that this number does not include the number of customers of those websites that are affected by this breach, and some GoDaddy customers have multiple Managed WordPress sites in their accounts.

It appears that GoDaddy was storing sFTP credentials either as plaintext, or in a format that could be reversed into plaintext. They did this rather than using a salted hash, or a public key, both of which are considered industry best practices for sFTP. This allowed an attacker direct access to password credentials without the need to crack them.

General
No Media


I love tl;dr Marketing because I can get all the latest SEO news and trends in one spot without having to read lengthy articles. I really look forward to the daily emails to see what's new in our industry!

The SEO Winners In Google’s US Search Results 2021 1 - SEO News

Ryan Mews SEO Manager Merkle