Earlier this week GoDaddy announced a data breach affecting more than a million of their Managed WordPress Hosting clients. This data breach has been verified by WordFence: sFTP (Secure File Transfer Protocol) passwords that were stored in plaintext. Hackers had access to GoDaddy’s files for more than 2 months before the breach was discovered.
Let me just say that storing passwords in plaintext has been a bad security practice for as long as I remember and I’ve been working on servers for over 30 years. That a company the size of GoDaddy has been promising their clients security and saving passwords that give hackers complete access to the backend of their websites in plaintext for years just reinforces my opinion of the company and both their technical and business practices. There will be more about this in the December newsletter, but the crew here at wpXPRESS wanted to make all of our members aware of this problem right away.
If you have a member care plan with wpXPRESS and believe you might have been affected by this security breach please let us know right away at our help email address or via the support portal.