GoDaddy suffers a data breach for their 1.2 million Managed WordPress customers

GoDaddy, a domain registrar and web hosting company, has recently confirmed that up to 1.2 million of their customers data has been breached after hackers gained access to their Managed WordPress hosting network.

This incident was first noticed on November 17th 2021 but through further investigation it was discovered that the hackers have breached the confidential data since at least September 6th 2021. 

Demetrius Comes, GoDaddy’s Chief Information Security Office, has put out the following statement:

“We recently identified suspicious activity in our WordPress hosting environment and immediately began an investigation with the help of a third-party IT forensics firm and have contacted law enforcement.”

Further comments confirmed that the attackers were able to perform the data breach by using a compromised password which enabled access to certain authentication information for administrative services for Managed WordPress customers. 

The following information has been exposed after the GoDaddy data breach:

$
Up to 1.2 million of both active and inactive Managed WordPress customers had their personal information exposed, including email addresses and customer numbers.
$
The WordPress admin password was compromised but has since been reset.
$
The sFTP and database information was also exposed by the hackers. These passwords have been reset for all active customers.
$
Some of the SSL private keys were compromised during the breach, but GoDaddy is in the process of installing new certificates for these customers that have been affected.

GoDaddy has been a victim of several breaches in the past. In 2020 they reported an unauthorised third party using their hosting account credentials to connect via SSH. The security team quickly spotted an altered SSH file and suspicious activity on a number of the GoDaddy Servers. (1).

Despite this, GoDaddy continues to be one of the world’s largest and most popular domain registrars and web hosting companies. Their current customer database reaches more than 20 million users worldwide. 

In light of the recent GoDaddy data breach, we would advise all GoDaddy users to reset their passwords on the platform, and also any other places that you may have used the same password. We also recommend implementing, if you haven’t already, best data security practices to protect your private information through using strong unique passwords, regularly changing them, and enabling multi-factor authentication where possible.

Find Out More