"For a subset of active customers, the SSL private key was exposed."For active customers, sFTP and database usernames and passwords were exposed.If those credentials were still in use, we reset those passwords."
"The original WordPress Admin password that was set at the time of provisioning was exposed.The essential points of the disclosure are these: The company discovered it on November 17th, and investigation remains in progress. The breach began, GoDaddy believes, on September 6th. There's no further attribution available at this time.ĭomain registrar and web hosting company GoDaddy has disclosed, in an SEC filing, a major data breach affecting "up to 1.2 million" active and inactive managed WordPress accounts. BIO-ISAC says the malware is spreading through the biomedical sector, which suggests that some intelligence service is actively scouting the US biomedical industry. Tardigrade proved more advanced than it appeared: evasive, persistent, and clearly interested in more than ransom. Tardigrade initially presented itself as an ordinary ransomware attack, but the extortionists, WIRED says, seemed curiously indifferent to whether they were actually paid. Tardigrade appeared this spring, when it hit BioBright's manufacturing facility. BIO-ISAC, the Bioeconomy Information Sharing and Analysis Center, yesterday released a report on malware it calls "Tardigrade" (named after the moss piglet micro-animal) and which it describes as the work of an advanced persistent threat, that is, a nation-state intelligence service.