GoDaddy Reports That Data of Over 1 Million WordPress Users Was Hacked


Phishing attacks feared – data of over 1 million WordPress users hacked

Web hosting company GoDaddy Inc announced Monday that the active and inactive email addresses of up to 1.3 million WordPress accounts had been leaked to unauthorized third parties. There is now widespread concern about phishing attacks against WordPress users whose data has been compromised.

Unauthorized third parties used compromised passwords to gain access to security systems in GoDaddy’s legacy codebase for managed WordPress. The company said in a blog post that it discovered the incident on November 17.

“We detected suspicious activity in our managed WordPress hosting environment and, with the help of an IT forensics firm, immediately opened an investigation and contacted law enforcement,” said Demetrius Comes, GoDaddy’s chief information officer, in a blog post.

After identifying the incident, the web hosting company immediately blocked the unauthorized third party from the system, and the investigation continued. However, a post on the GoDaddy blog revealed that on September 6, 2021, an unauthorized third party used the vulnerability to gain access to the email addresses and contact numbers of 1.2 million WordPress subscribers. The disclosure of email addresses creates a risk of phishing attacks.

What steps has GoDaddy taken in response to the data breach?
In addition to the email address and mobile number, the original WordPress administrator password set during transmission was disclosed. The Chief Information Security Officer says that GoDaddy will reset this password if the credentials are still in use.

SFTP usernames and passwords, as well as those of active client databases whose passwords were not reset, were also disclosed. Additionally, SSL locks were unlocked for some active customers; as the company mentions, “We are in the process of issuing and installing new certificates for these customers.”

The blog post also states that an investigation is ongoing and that GoDaddy is contacting all affected customers directly with specific details. The company also says that customers can use the phone numbers listed on the website for each country to contact it, or visit the help center at

“We (GoDaddy) will learn from this incident and are already taking steps to strengthen our security systems with an additional layer of protection,” the company said in a statement.