The Godaddy hack that exposed the details of 1.2 million GoDaddy customers and now has spread to six more web hosts. As Search Engine Journal reports, the six additional web hosts are all resellers of GoDaddy’s WordPress hosting services with include 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple, and tsoHost.
Customer accounts of at least two of these web hosting companies have been sent emails very similar to the one GoDaddy sent out regarding the security breach. The hack they experienced also targeted Managed WordPress accounts and managed to leak email addresses, customer numbers, WordPress Admin passwords, sFTP database usernames and passwords for active customers, and in some cases SSL private keys.
WordPress security plugin maker Wordfence confirmed the hack has spread to these web hosts and published a quote from Dan Rice, VP of Corporate Communications at GoDaddy, as to the extent of the attack:
“The GoDaddy brands that resell GoDaddy Managed WordPress are 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple and tsoHost. A small number of active and inactive Managed WordPress users at those brands were impacted by the security incident. No other brands are impacted. Those brands have already contacted their respective customers with specific detail and recommended action.”
The intrusion began on Sept. 6, giving the attacker plenty of time to take advantage of the user data and access to accounts. It’s currently unknown how that access to the data has been used. All customers affected by the breach at the web hosts listed above need to be vigilant and extra cautious with the emails they receive.