GoDaddy data breach exposed over a million customer accounts

In a new filing with the US Securities and Exchange Commission, GoDaddy revealed that it recently discovered unauthorized access to its managed WordPress hosting environment, resulting in the exposure of account data belonging to as many as 1.2 million customers.

The Internet domain registrar and web hosting provider said the discovery was made on November 17, 2021, at which time it immediately began an investigation with the help of an IT forensics firm and reached out to law enforcement.

The team learned that, starting on September 6, a compromised password was used to access the provisioning system in its legacy code base for managed WordPress. The attacker was able to gain access to the customer number and email address for up to 1.2 million active and inactive managed WordPress accounts. In the wrong hands, this information could put customers at greater risk of phishing attacks, GoDaddy said.

GoDaddy further noted that sFTP and database usernames and passwords for active customers were also exposed, but have since been reset. A subset of active customers also had their SSL private key exposed. GoDaddy said it is in the process of issuing and installing new certificates for these customers.

GoDaddy has dealt with a number of issues in recent years. Back in early 2019, it was discovered that the company was injecting JavaScript into select customers’ websites without their consent. Later that same year, scammers managed to compromise hundreds of GoDaddy accounts to peddle snake oil products and more.

GoDaddy shares are down nearly five percent on the day, trading at $67.89 as of this writing.