Skip to main content

More than 1.2 million GoDaddy customers might have had their information exposed in a recent data breach, according to the web hosting company.

GoDaddy’s chief information security officer Demetrius Comes notified the Securities and Exchange Commission that it had detected unauthorized access to its WordPress servers, which is where it keeps customer information, including their email addresses.

GoDaddy has reported that the information was accessed using a compromised password around Sept. 6, and that the breach was discovered on Nov. 17. 

The breach could affect both active and inactive users.

GoDaddy is used by millions of customers to host and manage WordPress servers, and in this breach both usernames and passwords for WordPress databases were made vulnerable. 

SSL (HTTPS) private keys, which could potentially allow a fraud artist to impersonate a customer’s website or services, were also accessed.

If you are worried your information was made vulnerable in the breach, you might want to contact TransUnion, Equifax, and Experian to initiate either a fraud alert or a credit freeze. 

Then change your GoDaddy password immediately, and contact the company for further instructions. 

As always, be careful about any e-mail that looks even the tiniest bit phishy.