GoDaddy announced this morning that they experienced a breach affecting up to 1.2M customers. sFTP passwords could be retrieved as plaintext \t GoDaddy announced this morning that they have been breached. Our team took a deep dive into the breach and found that GoDaddy appears to have stored passwords in plaintext, or in a format that could be reversed back into plaintext, which is not an industry best practice. We confirmed this by signing into a GoDaddy Managed WordPress Hosting Account and verifying that we were able to view our own sFTP password. That means the attacker didn't need to crack the passwords and could likely retrieve them directly. According to GoDaddy's own SEC filing: "For active customers, sFTP and database usernames and passwords were exposed." The attacker had access to GoDaddy's systems for over two months before they were discovered. We have published a detailed post explaining how customers are affected, and what to do. Please pay special attention to our comments regarding your own customer notification obligations, if your site(s) are affected by this. Click here to read our post about this breach on the official Wordfence blog..... Hacked Site? Wordfence offers Site Cleanings with a Wordfence Premium license and a full 1-year guarantee. Click Here! \t Defiant, Inc., 1700 Westlake Ave N STE 200, Seattle, WA 98109, United States Manage preferences You're receiving this email because you signed up to the Wordfence WordPress security mailing list.