Monday, July 6, 2026

Data breach spread to six web hosts


The GoDaddy data breach, which affected as many as 1.2 million web hosts, has expanded to another six web hosts serving customers worldwide. The other six infected web hosts are resellers of GoDaddy hosting services. The level of intrusion seems to be the same as GoDaddy, and the date the security intrusion started matches.

The six infected web hosting service providers are:

  • 123Reg
  • Domain factory
  • Heart Net
  • Host Europe
  • Media sanctuary
  • Host

advertise

Keep reading below

Precise date of invasion

California issued a security breach notification submitted by GoDaddy on November 23, 2021.

In the California notice, GoDaddy provided a specific date for the security breach.

Date of invasion:

  • 09/06/2021
  • 09/07/2021
  • 09/08/2021
  • 09/09/2021
  • 09/10/2021
  • 09/11/2021
  • 11/07/2021

These dates are important because, according to information released by Wordfence, customers of at least two hosting providers have received notifications citing the same intrusion date, which is September 6, 2021. This means that the root causes of additional data breaches are interrelated, if not more, at least on the date.

advertise

Keep reading below

The notifications sent to GoDaddy customers and at least two additional web hosts are similar.

This is part of the email sent to GoDaddy customers:

“We are writing to notify you that a security incident has occurred that affects your GoDaddy managed WordPress hosting service.

On November 17, we discovered suspicious activity in the WordPress hosting environment, and immediately started an investigation with the help of a third-party IT forensics company, and contacted law enforcement.

Our investigation is still ongoing, but we have determined that on or around September 6, 2021, unauthorized third parties obtained access to certain authentication information used to manage the service, especially with your The customer number and email address associated with the account; the WordPress administrator login you set up at the beginning; and your sFTP and
Database user name and password.

This means that an unauthorized party can gain the ability to access your hosted WordPress service and make changes to it, including changing your website and the content stored in it. “

Notifications sent to GoDaddy customers are similar to email notifications sent to MediaTemple customers.

This is part of the email sent to MediaTemple customers:

“…We have determined that on or around September 6, 2021, unauthorized third parties obtained certain identity verification information used to manage the service, especially the customer number and email associated with your account Address; the WordPress administrator login you set up at the beginning; and your sFTP and database username and password.”

The administrators of each virtual host have reset their passwords and advise customers to reset their passwords. Those whose SSL certificate data is exposed may have to reinstall their certificates.

advertise

Keep reading below

Is the customer facing a website that may be hacked?

Customers of the other six web hosting service providers affected by the data breach may face the possibility of further security issues because their sensitive data has been exposed for two months without being discovered, allowing hackers time to install backdoors, add rogue management accounts and Upload malicious scripts.

Citation

Read the Wordfence security bulletin

GoDaddy vulnerability extends to tsoHost, Media Temple, 123Reg, Domain Factory, Heart Internet and Host Europe

California Data Security Violation Notice

Sample email sent by GoDaddy (PDF)





Source link

Related articles

Most Popular Baby Names 2024: Top Picks

Join us as we explore the captivating world of the most popular baby names for 2024! Which name will you choose...

Most Popular Baby Names 2024: Top Picks

Join us as we explore the captivating world of the most popular baby names for 2024! Which name will you choose...

How to Settle a Colic Baby: Proven Tips

Eager to discover effective ways to calm your colicky baby? From soothing techniques to critical consultation cues, let's explore what...

What Is Colic in Babies: Key Facts Revealed

Understanding what colic in babies truly entails can be a challenge for many parents. As the evening wears on, and the baby's cries reach a crescendo, an urgent question looms in the air: what now?

The 7 Best Ways to Gain Popularity

Online searches are often not the starting point...
spot_imgspot_img