godaddy — LowEndSpirit DEV https://dev.lowendspirit.com/index.php?p=/ Thu, 04 Jun 2026 22:04:01 +0000 en godaddy — LowEndSpirit DEV GoDaddy WordPress Hosting breach -2021 edition https://dev.lowendspirit.com/index.php?p=/discussion/3540/godaddy-wordpress-hosting-breach-2021-edition Mon, 22 Nov 2021 23:11:45 +0000 Industry News vyas 3540@/index.php?p=/discussions https://www.wordfence.com/blog/2021/11/godaddy-breach-plaintext-passwords/

Excerpt

What did the attacker have access to?

The SEC filing indicates that the attacker had access to user email addresses and customer numbers, the original WordPress Admin password that was set at the time of provisioning, and SSL private keys. All of these could be of use to an attacker, but one item, in particular, stands out:

During the period from September 6, 2021, to November 17, 2021, the sFTP and database usernames and passwords of active customers were accessible to the attacker.

GoDaddy stored sFTP passwords in such a way that the plaintext versions of the passwords could be retrieved, rather than storing salted hashes of these passwords, or providing public key authentication, which are both industry best practices.

]]> Pagely acquired by GoDaddy, Backblaze a public company https://dev.lowendspirit.com/index.php?p=/discussion/3519/pagely-acquired-by-godaddy-backblaze-a-public-company Sat, 13 Nov 2021 01:39:54 +0000 Industry News vyas 3519@/index.php?p=/discussions "Entreprise" level WordPress hosting... brought to you by GoDaddy

https://pagely.com/blog/we-did-it/

Meanwhile...

Backblaze went public

https://www.cnbc.com/2021/11/12/backblaze-ipo-takes-opposite-approach-to-rivian-going-public-small.html

]]>