In disclosures to the Securities and Exchange Commission, web registrar and hosting company GoDaddy has revealed that it had been hacked. The company says that it discovered an “unauthorized third party” had gained access to its Managed WordPress hosting environment. Up to 1.2 million users have had their email address and customer number exposed, as well as admin passwords for WordPress sites hosted on the platform, plus sFTP and database passwords and SSL private keys.
The document says that GoDaddy believes that the breach first occurred on September 6th, 2021, and that the investigation is ongoing. Demetrius Comes, Chief Information Security Officer, says that GoDaddy is currently working with law enforcement and a private IT forensics firm. In addition, the company says that it has reset the relevant credentials and will work with users to issue new SSL certificates. Comes ends his statement by saying that the company will, perhaps a little too belatedly, “learn from this incident” and will take steps to prevent such a breach happening in future.
This is far from the first time in recent years that GoDaddy has been mentioned in the same sentence as a security breach. In 2018, an AWS error exposed data on GoDaddy servers, and in 2020, 28,000 user accounts were breached by an unauthorized individual. Later last year, GoDaddy was also referenced as part of a hack that took down a number of sites in the cryptocurrency space.