GoDaddy security breach exposes up to 1.2 million WordPress users' data

GoDaddy said it had immediately blocked the unauthorised third party, and an investigation was still going on.
GoDaddy said it had immediately blocked the unauthorised third party, and an investigation was still going on.PHOTO: REUTERS

ARIZONA (REUTERS) - Web hosting company GoDaddy said on Monday (Nov 22) e-mail addresses of up to 1.2 million active and inactive Managed WordPress customers had been exposed in an unauthorised third-party access.

The company said the incident was discovered on Nov 17 and the third-party accessed the system using a compromised password.

"We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement," chief information security officer Demetrius Comes said in a filing.

The company, whose shares fell about 1.6 per cent in early trading, said it had immediately blocked the unauthorised third party, and an investigation was still going on.