Month: November 2021

GoDaddy is an American publicly traded web hosting company and the largest domain registrar in the world.

On November 17, 2021, it discovered unauthorized third-party access to its Managed WordPress hosting environment.

Using a compromised password, an unauthorized third party accessed the provisioning system in GoDaddy’s legacy code base for Managed WordPress. “Upon identifying this incident, we immediately blocked the unauthorized third party from our system. Our investigation is ongoing, but we have determined that, beginning on September 6, 2021, the unauthorized third party used the vulnerability to gain access to the following customer information”, said Demetrius Comes, GoDaddy’s Chief Information Security Officer. He continues:

• Up to 1.2 million active and inactive Managed WordPress customers had their email address and customer number exposed. The exposure of email addresses presents risk of phishing attacks.
• The original WordPress Admin password that was set at the time of provisioning was exposed. If those credentials were still in use, we reset those passwords.
• For active customers, sFTP and database usernames and passwords were exposed. We reset both passwords.
• For a subset of active customers, the SSL private key was exposed. We are in the process of issuing and installing new certificates for those customers.

Various subsidiaries that resell GoDaddy Managed WordPress were also affected.

Read more about it here.

Costco is an American multinational retail giant that operates a large chain of membership-only retail stores, the fifth-largest retailer worldwide, and the tenth-largest corporation in the US by total revenue according to Fortune 500 rankings. As of March 2021, Costco had 804 stores worldwide, of which 558 are in the US.

Earlier in November 2021, Costco Wholesale Corporation notified its customers of a data breach that may have exposed their payment card information. The potential compromise originated from a credit card skimmer that cyber criminals had installed on a payment terminal at one of Costco’s stored. Costco indicated that once the skimming device was discovered by its personnel, it removed the device and contacted law enforcement agencies to expedite investigations.

“We recently discovered a payment card skimming device at a Costco warehouse you recently visited,” said the letter sent to affected customers. “Our member records indicate that you swiped your payment card to make a purchase at the affected terminal during the time the device may have been operating.” The letter continued: “If unauthorized parties were able to remove information from the device before it was discovered, they may have acquired the magnetic stripe of your payment card, including your name, card number, card expiration date, and CVV.”

The retailer advised the customers to monitor their bank and credit card statements for fraudulent activities.

The company did not disclose the number of affected customers.

Read more about it here.

Robinhood is a US commission-free stock trading and investing platform, having as of March 2021 18 million accounts with over $80 billion in assets. On November 8, 2021, the company disclosed a data breach, where where on November 3, a threat actor gained access to the personal information of approximately 7 million customers. “Based on our investigation, the attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident” says the announcement.

“The unauthorized party socially engineered a customer support employee by phone and obtained access to certain customer support systems.” In total, the following was leaked:

• 5 million email addresses
• 2 million full names of a different group of customers
• 310 customers had their personal information, including name, date of birth, and postal zip code leaked
• 10 customers had more extensive account details leaked

Read more about it here.