Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.
GoDaddy data breach overview:
- Who: GoDaddy has revealed that it suffered a multiyear data breach that the hosting company is linking back to previous data breach disclosures in March 2020 and November 2021.
- Why: GoDaddy is attributing the data breach to a multiyear campaign conducted by bad actors they believe are intentionally targeting hosting services.
- Where: Consumers nationwide use GoDaddy.
GoDaddy has revealed it suffered a multiyear data breach in which unknown hackers stole source code and installed malware on the company’s servers.
The hosting company has attributed the security incident to a breach of its cPanel shared hosting environment by a “sophisticated and organized group targeting hosting services like GoDaddy.”
“According to information we have received, their apparent goal is to infect websites and servers with malware for phishing campaigns, malware distribution and other malicious activities,” GoDaddy said.
GoDaddy said it discovered the data breach in December after it received customer reports that their websites were being used to redirect web users to random domains.
In a filing with the U.S. Securities and Exchange Commission, GoDaddy said its investigation determined the data breach has been part of a “multi-year campaign by a sophisticated threat actor group.”
GoDaddy links current data breach disclosure to previous data breaches from 2020, 2021
GoDaddy has linked the “campaign” back to previous breach disclosures the company made in March 2020 and November 2021.
In the November 2021 data breach, hackers reportedly used a compromised password to breach GoDaddy’s WordPress hosting environment, affecting 1.2 million Managed WordPress customers.
GoDaddy customers affected by the November 2021 breach had their email addresses, database credentials, WordPress Admin passwords, and other information exposed during the attack.
The company had previously notified 28,000 of its customers in March 2020 that they had been affected by a data breach that was attributed to a hacker who made unauthorized use of web hosting account credentials in October 2019.
GoDaddy said it has begun working with external cybersecurity forensic experts and law enforcement agencies around the world to try and determine how the breach could have occurred.
In other recent data breach news, LendUS agreed to a settlement last month to resolve claims the company failed to protect consumers during a 2021 data breach that compromised information that included Social Security numbers.
Have you been impacted by a GoDaddy data breach? Let us know in the comments.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
25 thoughts onGoDaddy says it suffered multiyear data breach
We were hacked on Dec. 8, 2023-totally shut down our import and distribution business, took over our online store so we could not fill orders or collect money. Credit cards charged for many items we did not purchase . Our staff and IT company worked many overtime hours trying to correct all the problems. I could go on and on but just add use to the list for a class action lawsuit.