GoDaddy reported a data breach that exposed 1.2 million accounts. The company’s chief information security officer Demetrius Comes reported the breach in a filing to the Securities and Exchange Commission.
The hosting provider detected unauthorized access to its systems, specifically the systems it uses to manage its customers’ WordPress servers.
The company claims the unauthorized person used a compromised password to get access on September 6, 2021. However, it only discovered the breach over two months later, on November 17.
This isn’t the first time GoDaddy was slow to respond. Back in 2019, a breach occurred in October but was only discovered six months later, in April of 2020.
According to the filing, the latest breach affects 1.2 million active and inactive managed WordPress accounts. The owners had their email addresses, original admin passwords, and customer numbers exposed. GoDaddy says that this puts users at risk of phishing and intrusion.
In addition, active accounts had their SFTP credentials, database passwords, and usernames exposed.
The company has since reset passwords and private keys and will begin issuing new SSL certificates.
A Household Name
GoDaddy is a well-known name in hosting, but not always for good reasons. It holds a formidable market share and has acquired smaller WordPress hosting providers over the years. That said, customers often criticize it for slow responses to their needs and incidents like this.
Moreover, it has in the past received backlash for “pro-censorship” stances, like supporting the Stop Online Piracy Act (SOPA).
Its main niche seems to be firmly in WooCommerce hosting, making the breach all the more troublesome. GoDaddy says its investigation is still ongoing.
Hopefully, the company will be able to tell exactly what happened and take steps to ensure it doesn’t occur again.