GoDaddy Data Breach Exposed Private Information of up to 1.2M Users

Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.

GoDaddy Data Breach Overview: 

• Who: GoDaddy announced a data breach has affected its Managed WordPress service.  
• Why: The data breach exposed the private information of up to 1.2 million of its users.
• Where: The data breach affects GoDaddy users worldwide.

GoDaddy announced this week that its Managed WordPress service fell victim to a data breach, exposing the private information of up to 1.2 million of its users. 

The company filed a notice with the U.S. Securities and Exchange Commission over the incident, which it discovered on Nov. 17 after identifying “suspicious activity” on its Managed WordPress hosting environment. 

GoDaddy says it attempted to rectify the situation immediately by blocking the third-party intruder from the server, which it determined had access to its server since Sept. 6. 

The company revealed the unauthorized third-party was able to gain access to up to 1.2 million active and inactive users’ email addresses and customer numbers, as well as the original WordPress Admin password that had been set at the time of provisioning. 

GoDaddy says it reset any passwords that were still in use, as well as the passwords for active users who had their sFTP and database usernames and passwords exposed. 

Some active users also had their SSL private key exposed, according to GoDaddy, which said it is currently working to issue and install new certificates for those affected. 

“We are sincerely sorry for this incident and the concern it causes for our customers. We, GoDaddy leadership and employees, take our responsibility to protect our customers’ data very seriously and never want to let them down,” said GoDaddy’s Chief Information Security Officer Demetrius Comes. “We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection.” 

GoDaddy says it is still in the process of investigating the incident and that it is contacting any users who it finds were impacted by the data breach. 

The company is asking any customers with questions or concerns to contact it through its online help center. 

A class action lawsuit filed against GoDaddy in 2016 alleged the company misrepresented its web hosting services and charged too much for an inferior product. 

Was your private information exposed as a result of the GoDaddy data breach? Let us know in the comments! 

Read About More Class Action Lawsuits & Class Action Settlements:

• Coppertone Mineral-Based Sunscreen $2.25M Class Action Settlement
• NCAA Discrimination Class Action Lawsuit Filed by Black Student Athletes Will Continue, Judge Rules
• Is Cerebral Palsy Caused by Lack of Oxygen at Birth?
• Banana Boat ‘Reef Friendly’ Sunscreens Toxic to Coral Reefs, Marine Life, Says Class Action