• LinkedIn
  • Facebook
  • Remote
Call us @ 631-251-6300
interactive AV-IT
  • Home
  • About
  • Solutions
  • Learning Hub
  • Contact
  • Menu Menu
  • GoDaddy announced a major breach in its security for WordPress

    If your business’s WordPress website is hosted with any of these companies, you must take these urgent actions now

GoDaddy last week announced a major breach in its security, involving more than a million of its customers across several brands including tsoHost, Media Temple, 123Reg, Domain Factory, Heart Internet, and Host Europe.

And if your business could be affected, there are some urgent actions you must take now.

You’ve probably heard of GoDaddy. It’s been around since the late 1990s when it started as a place to build and host your website. Later it became famous for selling domain names. These days it’s a huge internet company, with revenues of more than $3 billion.

One of the things GoDaddy does is host WordPress websites. WordPress is a very popular Content Management System (CMS) that powers a third of all websites.

It announced last week that a hacker got into one of its WordPress hosting systems in early September, by using a compromised password. And before the hacker was kicked out in the middle of November, they had access to data from 1.2 million WordPress hosted customers. Specifically, the hacker could access email addresses, original WordPress admin passwords, and other usernames and passwords.

If your business hosts a WordPress website with GoDaddy, please don’t panic. You may not be affected. The company hosts 5 million websites in total. It says it has reset the breached passwords and contacted everyone affected.

However. We prefer playing 100% safe. And we believe there are two risks you must protect yourself against.

The first is phishing. This is where a cyber-criminal sends an email pretending to be someone they’re not, such as a big supplier or your bank. They want you to click on a bad link to either give them access to your network, or accidentally download malicious software, known as malware.

Any time your email address is compromised, you are likely to be the target of more phishing emails.

The way to mitigate this risk is to train your staff what to look out for, and what to do is they are targeted in a phishing attack.

The second and greater risk is that someone has already been able to log into your website.

Even though GoDaddy has now reset the passwords, it seems the hacker enjoyed free access to all this data for up to two months.

There’s a possibility they could have logged into your website, and hidden malicious files there.

To play it safe, we recommend these three urgent steps:

  1. Change all admin passwords on your website
  2. Check there are no new admins that you didn’t set up. If there are, remove them immediately
  3. Run a thorough security scan on your website to look for backdoor access (a secret place where hackers can get in), trojans and malicious files

If you need help with any of this, please contact us immediately.

Here’s how to talk to us.

call us now on 631-251-6300 to tell us what you need

[email protected]

book a 15-minute video call by clicking here

Recent Posts

  • Useful Bluebeam Tips & Shortcuts
  • Enhancing Office Productivity With Google Chrome: The 11 Best Extensions To Improve Your Workflow
  • 11 Effective Security Measures To Bolster Your Microsoft 365 Data Protection
  • Top Laptops for Architects and Designers
  • Increasing Your Office Productivity with Streamlined Android Apps – The 3 Best Solutions

Archives

  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • September 2021
  • July 2021
  • June 2021
  • May 2021
  • March 2021
  • January 2021

Interactive AV-IT

175 Commerce Drive, Suite O
Hauppauge, NY 11788, United States

(631) 251 6300 | [email protected]

Recent Articles

  • Useful Bluebeam Tips & Shortcuts
  • Enhancing Office Productivity With Google Chrome: The 11 Best Extensions To Improve Your Workflow
  • 11 Effective Security Measures To Bolster Your Microsoft 365 Data Protection
© 2022 Interactive AV-IT Corp | Privacy | Terms of Service
  • LinkedIn
  • Facebook
  • Remote
Scroll to top