Hacking a godaddy provider that led to compromise 1.2 million WordPress hosting clients

Revealed Information about hacking godaddy , one of the largest domain recorders and hosting providers. On November 17, a non-authorized access to servers that were responsible for providing hosting on the WordPress platform database were identified. The incidental dissembly has shown that the extraneous gained access to the WordPress hosting management system through the compromised password of one of the employees, and used the defective vulnerability in the outdated system to gain access to confidential information about 1.2 million active and non-active WordPress hosting users.

in According to the hands of the attackers, data about the administrator password of each WordPress instance exhibited during the initial creation of hosting environment (the problem affects customers that did not change the default password when creating hosting). Moreover, the closed SSL keys of the active users, as well as the email addresses and customer numbers, which could be used to commit phishing were included in the hands of the attackers. It is noted that the attackers had access to infrastructure since September 6.

/Media reports.