GoDaddy, one of the world’s largest domain name registrars, announced on Thursday that it was the victim of a data breach that exposed over one million accounts. The company said that hackers accessed user account information between October and December 2017. GoDaddy said that it is not yet clear how the hackers were able to gain access to the accounts. ..


GoDaddy reported the breach to the Securities and Exchange Commission. The company explained that it detected unauthorized access to the systems where it hosts and manages WordPress servers. Because WordPress is such a popular tool for creating and managing websites, this could be a severe attack.

As far as what the hackers got, active customers had their sFTP credentials stolen. This is used for file transfers. Additionally,  usernames and passwords for WordPress databases were taken. That means the attackers could have full access to a website’s content. Some users had their SSL (HTTPS) private keys exposed, which could let the malicious attacker impersonate a website.

GoDaddy has reset WordPress passwords and private keys, so it’s already taken the steps required to stock the attacker from exploiting anything with the passwords obtained. The company is in the process of generating new SSL certificates for customers.

The person used a compromised password to get into GoDaddy’s systems around September 6, 2021. The company said it discovered the breach on November 17, 2021. It filed with the SEC on November 22, 2021. That’s a good reaction time from GoDaddy, as it tends to take time for the company to learn exactly what happened before it files anything.

If you were using GoDaddy to host your WordPress website, you’ll want to keep an eye on your content and change all of your passwords to make sure everything is secure.