Over one million GoDaddy hosting customers suffered a data breach in September 2021 that went unnoticed for two months. GoDaddy described the security event as a vulnerability. Security researchers indicate that the cause of the vulnerability was due to inadequate security that did not meet industry best practices.
The statement by GoDaddy announced that they have changed passwords for the affected customers of their WordPress Managed Hosting.
However simply changing passwords does not completely fix possible problems left behind by hackers, which means that up to 1.2 million GoDaddy hosting customers may remain affected by security issues.
GoDaddy Informs SEC Of Breach
On November 22, 2021 GoDaddy informed the United States Security and Exchange Commission (SEC) that they had discovered “unauthorized third-party access” to their “Managed WordPress hosting environment.”
Advertisement
Continue Reading Below
GoDaddy’s investigation revealed that the intrusion began on September 6, 2021 and was only discovered on November 17th, two months later.
Who is Affected And How
GoDaddy’s statement says that up to 1.2 million customers of their WordPress managed hosting environment may be affected by the security breach.
According to the statement to the SEC the data breach was due to a compromised password in their provisioning system.