GoDaddy breach: Up to 1.2 million user records compromised

The email addresses, customer numbers and, in some cases, private SSL keys of GoDaddy users have been compromised in a data breach.

An unauthorized third party gained access to the GoDaddy Managed WordPress hosting environment via a compromised password. The organization noticed suspicious activity on November 17 and contacted an IT investigative firm and law enforcement regarding the breach.

The organization determined that the cyber actor had access to the GoDaddy system beginning on September 6, 2021. Compromised information includes the email addresses and customer numbers of up to 1.2 million Managed WordPress users; the Secure File Transfer Protocol (SFTP) and database login information for active users; and the SSL private keys of some users.

GoDaddy has reset affected user passwords and is installing new certificates for users with compromised SSL private keys.

Danny Lopez, CEO at Glasswall, commented on the implications of the breach. Lopez said, "Reports of hackers gaining access to web hosting companies such as this are troubling, given the amount of data such businesses hold and the ramifications if it falls into the wrong hands.

Organizations need to adopt robust processes for onboarding and offboarding employees and affiliates that may receive access to key information systems. It's vital to control privileged access and to monitor those that enjoy that administrator privilege. Ensuring that multi-factor authentication is enforced wherever possible, is a vital defense where user credentials find their way into the public domain. This will help to limit the blast radius, and in most cases, defeat the data breach."

Madeline Lauver is the Editor in Chief of Security magazine. Lauver joined Security in 2021 as its Assistant Editor, and she covers news affecting enterprise security leaders, including physical security, cybersecurity, leadership and management, risk and resilience and more. Within her role at Security, Lauver focuses on news articles, web exclusives, features and several departments for Security’s monthly digital edition, as well as managing social media and multimedia content. Lauver graduated in 2019 with a B.A. in English, German and Media Studies from Kalamazoo College.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.

ON DEMAND: Apple Mac computer use is growing in the corporate space. Having the solutions and the knowledge base to respond to events that include Mac computers is just as important as their Windows counterparts.