GoDaddy said on Friday that its network suffered a multi-year security compromise that allowed unknown attackers to steal company source code, customer and employee login credentials, and install malware that redirected customer websites to malicious sites.
The most recent event occurred last December when the threat actor gained access to the cPanel hosting servers customers use to manage websites hosted by GoDaddy. The threat actor then installed malware on the servers that “intermittently redirected random customer websites to malicious sites.”
Starting in September of that year, the unauthorized party used the access to obtain login credentials for WordPress admin accounts, FTP accounts, and email addresses for 1.2 million current and inactive Managed WordPress customers.
GoDaddy said on Friday that its network suffered a multi-year security compromise that allowed unknown attackers to steal company source code, customer and employee login credentials, and install malware that redirected customer websites to malicious sites.
The most recent event occurred last December when the threat actor gained access to the cPanel hosting servers customers use to manage websites hosted by GoDaddy. The threat actor then installed malware on the servers that “intermittently redirected random customer websites to malicious sites.”
Starting in September of that year, the unauthorized party used the access to obtain login credentials for WordPress admin accounts, FTP accounts, and email addresses for 1.2 million current and inactive Managed WordPress customers.