GoDaddy’s Data Breach Exposes 1.2M Customers
There has been a data breach involving 1.2 million GoDaddy customers that we would like to bring your attention to. This breach has only impacted organizations using GoDaddy’s Managed WordPress service, so if your organization subscribes to this service, it’s absolutely critical that you work with your website administrator to reset your passwords as soon as possible to avoid any further data loss or exposure to your site.
GoDaddy disclosed that the breach occurred over 2 months ago and was caused by a 3rd party using a compromised password. GoDaddy is actively working with law enforcement so they can provide additional details to customers impacted by this breach and highly recommend you conduct a full review of your site to check for any changes that may have occurred during that timeframe.
According to investigators, the following information was leaked as part of this breach:
- Up to 1.2 million active and inactive Managed WordPress customers had their email address and customer number exposed. The exposure of email addresses presents a risk of phishing attacks.
- The original WordPress Admin password that was set at the time of provisioning was exposed. If those credentials were still in use, they’ve reset those passwords.
- For active customers, sFTP and database usernames and passwords were exposed. GoDaddy has reset both passwords.
- For a subset of active customers, the SSL private key was exposed. GoDaddy is in the process of issuing and installing new certificates for those customers.
If you’d like to reach out to GoDaddy for support and additional details about the breach, they’ve provided a link to their help center which can be accessed here:
As always, please feel free to reach out to TSI if you have any concerns we can help address and we will be following up soon with any additional updates detailing the full impact of the breach.