Administrators of WordPress sites using GoDaddy’s managed WordPress hosting service are being warned to change their passwords and watch for phishing attacks after the provider admitted it was hacked last week.

The way the attacker got in: A compromised password.

It appears that GoDaddy was storing sFTP credentials either as plaintext, or in a format that could be reversed into plaintext. They did this rather than using a salted hash, or a public key, both of which are considered industry best practices for sFTP. This allowed an attacker direct access to password credentials without the need to crack them.
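The difference between the two storage approaches, as an added example (not GoDaddy's code). Base64 stands in here for any reversible format, and the function names, record layout and PBKDF2 iteration count are assumptions chosen for illustration.

```python
import base64
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor


def store_reversible(password: str) -> str:
    """Weak: an encoding (or encryption with a key kept beside the data) can be undone."""
    return base64.b64encode(password.encode()).decode()


def recover_reversible(record: str) -> str:
    """Anyone who reads the stored record gets the password back, no cracking needed."""
    return base64.b64decode(record).decode()


def store_hashed(password: str) -> str:
    """Hardened: a per-user random salt plus a slow one-way hash."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_hashed(password: str, record: str) -> bool:
    """Recompute the hash from the login attempt and compare in constant time."""
    _, iters, salt_hex, digest_hex = record.split("$")
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iters)
    )
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


if __name__ == "__main__":
    pw = "constructed-sample-password"  # constructed value, not a real credential
    print("reversible record leaks:", recover_reversible(store_reversible(pw)))
    rec = store_hashed(pw)
    print("hashed record:", rec)
    print("correct login:", verify_hashed(pw, rec))
    print("wrong login:", verify_hashed("guess", rec))
```

With the hashed record the server can still check a login, but a stolen database row only lets an attacker test guesses one at a time against the salt and work factor.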

Robert Prigge, CEO of Jumio, said the breach underlines the inherent weakness of relying on credentials to authenticate users. Just over 60% of data breaches in 2020 involved the use of unauthorized credentials, he said.
