In a security disclosure published today, GoDaddy says that up to 1.2 million active and inactive customers have been exposed after hackers gained access to its managed WordPress hosting platform. The hack was first discovered by GoDaddy on November 17, 2021.
In this post, we’ll unpack some of the details of the recent GoDaddy hack, how it affected customers, and our recommendations for what to do if you’re a WordPress hosting customer at GoDaddy.
In the public security incident disclosure released today, GoDaddy Chief Information Security Officer Demetrius Comes explained the details of the GoDaddy hack:
“By using a compromised password, an unauthorized third party gained access to the provisioning system in our legacy code base for managed WordPress,” he explains. “Our investigation is ongoing and we are contacting all affected customers directly with specific details.”
Per the disclosure, GoDaddy determined that as of September 6, 2021, an “unauthorized third party” used a compromised password to gain access to the following customer information:
According to the disclosure, the hack has affected both current and past customers of GoDaddy’s managed WordPress hosting platform. This includes the Basic, Deluxe, Ultimate and Ecommerce WordPress hosting plans. The disclosure does not indicate whether other hosting plans have been affected.
If you use GoDaddy to host your WordPress site, we have some (strong) recommendations:
Reset your WordPress password as a precaution. You can do this from the WordPress login screen located at [yourURL]/wp-admin. Change your password to something that is strong, unique and complex. See our WordPress password protection tips here.
Using the iThemes Security plugin, enable WordPress two-factor authentication for all your admin-level accounts. Two-factor authentication is a process of verifying a person’s identity by requiring two different methods of verification.
Two-Factor is a free feature in the iThemes Security plugin, so download iThemes Security and install it on your WordPress site.
Website Security Logging is an essential part of your WordPress security strategy. Inadequate logging and monitoring can delay the detection of a security breach.
WordPress security logs have several benefits in your overall security strategy:
1. Identify and prevent malicious behavior. There are a lot of activities happening on your site every day that you might not be aware of. Many of these activities may be directly related to the security of your site. That’s why logging is so important: activities are tracked so you know if a hack or breach has occurred.
2. Spot activity that can alert you to a violation. Activities such as unrecognized file changes or suspicious user activity may indicate a hack. Knowing when these activities occurred lets you recognize immediately that a violation has taken place.
3. Assess how much damage was done. With WordPress security logs, you can view file changes and user activity that may be related to hacks or breaches. Logs give you a trail that can help undo any damage done by a hacker inserting malicious scripts on your website or making other file changes.
4. Assistance in repairing the hacked site. If your site does get hacked, you’ll want to get the best information you can to aid in quick investigation and recovery. WordPress security logs can guide you through the hack’s timeline and show everything the hacker has changed, from adding new users to adding unwanted pharma ads to your site.
iThemes Security Pro’s WordPress security logs make it easy to track user activity, such as logins, user creation/registration, adding/removing plugins, and changes to posts/pages.
From the iThemes Security Pro Dashboard, you can force a password change for all users. This requires every user to set a new password.
The Trusted Devices feature in the iThemes Security Pro plugin identifies the devices that you and other users use to log in to your WordPress site. Once your devices are identified, the plugin can prevent session hijackers and other bad actors from doing any harm to your website.
Trusted Devices can restrict a user’s administrator-level capabilities when that user has logged in from an unfamiliar device. This means that if an attacker was able to break into the backend of your WordPress site, they would not have the ability to make any malicious changes to your website.
iThemes Security Pro will also send you an email letting you know that someone has logged into your site from an unfamiliar device. The email includes an option to block the hacker’s device.
You will then be able to see when there are unfamiliar logins to your site from devices that were not approved.
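The logging and Trusted Devices sections above describe two detection ideas: flag logins from devices that are not trusted, flag risky changes (new administrators, edits to code files), and then use the log as the timeline of the incident. The following is an added example, not code from iThemes Security or from the original post; the event format, field names and trusted-device registry are assumptions, and the log lines are constructed samples.

```python
"""Triage of WordPress-style security log events (added example).

The event shape and field names are assumptions, not the iThemes log format;
SAMPLE_LOG is constructed for illustration.
"""
from dataclasses import dataclass
from typing import Iterable

@dataclass(frozen=True)
class Event:
    ts: str      # ISO-8601 timestamp
    kind: str    # login, user_created, file_changed, plugin_installed
    user: str    # WordPress account that performed the action
    detail: str  # "key=value;key=value" pairs: device, role, name, path, slug

# Constructed sample log covering the activity types the post says logs should track
SAMPLE_LOG = [
    Event("2021-09-06T02:11:00Z", "login", "admin", "device=desktop-fp-a1"),
    Event("2021-09-06T02:12:30Z", "login", "admin", "device=unknown-fp-9f"),
    Event("2021-09-06T02:13:05Z", "user_created", "admin", "role=administrator;name=backup_svc"),
    Event("2021-09-06T02:14:40Z", "file_changed", "admin", "path=wp-content/themes/twentytwentyone/functions.php"),
    Event("2021-09-06T02:15:10Z", "file_changed", "admin", "path=wp-content/uploads/2021/09/photo.jpg"),
    Event("2021-09-06T09:00:00Z", "plugin_installed", "editor", "slug=hello-dolly"),
]

# Assumed trusted-device registry: user -> set of device fingerprints seen and approved
TRUSTED_DEVICES = {"admin": {"desktop-fp-a1"}}
# Paths that should only change through a deliberate deploy; writes here deserve a look
CODE_PREFIXES = ("wp-content/themes/", "wp-content/plugins/", "wp-includes/", "wp-admin/")

def fields(detail: str) -> dict:
    """Parse the 'k=v;k=v' detail string into a dict."""
    return dict(p.split("=", 1) for p in detail.split(";") if "=" in p)

def triage(events: Iterable[Event], trusted=TRUSTED_DEVICES) -> list[tuple[str, str]]:
    """Return (timestamp, finding) pairs for events worth an immediate look."""
    findings = []
    for e in events:
        f = fields(e.detail)
        if e.kind == "login" and f.get("device") not in trusted.get(e.user, set()):
            findings.append((e.ts, f"login by {e.user} from unfamiliar device {f.get('device')}"))
        elif e.kind == "user_created" and f.get("role") == "administrator":
            findings.append((e.ts, f"new administrator {f.get('name')} created by {e.user}"))
        elif e.kind == "file_changed" and f.get("path", "").startswith(CODE_PREFIXES):
            findings.append((e.ts, f"code file modified by {e.user}: {f['path']}"))
    return findings

def timeline_after_first_finding(events: list, trusted=TRUSTED_DEVICES) -> list:
    """Everything recorded from the earliest flagged event onward: the incident timeline."""
    findings = triage(events, trusted)
    if not findings:
        return []
    start = min(ts for ts, _ in findings)
    return [e for e in events if e.ts >= start]
```

Running `triage(SAMPLE_LOG)` flags the unfamiliar-device login, the new administrator and the theme file edit, while the image upload and the trusted-device login pass silently.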
As indicated by the security disclosure, the leak of GoDaddy customer email addresses may pose a phishing risk. Beware of suspicious emails from GoDaddy.
Phishing is an attack method that uses email, social media, text messages and phone calls to trick the victim into giving out personal information. The attacker then uses that information to access personal accounts or commit identity fraud.
By following some WordPress security best practices, you can protect your site from compromised passwords and vulnerabilities. As the risk of hacks and breaches for WordPress sites keeps increasing, the iThemes Security Pro plugin was designed to help you rest a little easier every night.
Get iThemes Security Pro with 24/7 Website Security Monitoring
iThemes Security Pro, our WordPress security plugin, provides 50+ ways to secure and protect your website from common WordPress security vulnerabilities. With WordPress two-factor authentication, brute force protection, strong password enforcement, and more, you can add extra layers of security to your website.
About the author
Kristen has been writing tutorials to help WordPress users since 2011. You can usually find her working on new articles for the iThemes blog or developing resources for #WPprosper. Outside of work, Kristen enjoys daily adventures like journaling (she’s written two books!), hiking and camping, cooking, and spending time with her family, and hopes to live a more present life.