The Verge is reporting this week that the web host and domain registrar GoDaddy is dealing with the fallout of a recent security breach that resulted in the exposure of over one million customer email addresses. This breach primarily affected customers of GoDaddy’s WordPress blog hosting services. GoDaddy has stated that the hackers utilized a compromised password to gain access, which is all too common with the proliferation of phishing scams and other nefarious methods.
Not only did this breach expose email addresses, but also WordPress admin passwords, underlying databases, sFTP systems, and even private SSL certificate keys. GoDaddy has begun mitigation processes by resetting passwords and contacting affected customers. If you are a GoDaddy customer, regardless of whether or not you use WordPress services, it may be a good idea to take proactive measures and reset your password and enable two-factor authentication if not already turned on. If you have received any communication from GoDaddy, make sure the source is legitimate.
And, as always, be on the lookout for phishing scams that may be out to get your important passwords and personal information. It is also important that all of your passwords be difficult to guess and different for every service you use. Password vaults make this very easy to manage, so look into adopting one! You can also check to see if your email address has been a part of a recent data breach by visiting https://haveibeenpwned.com/