top of page
  • Admin

GoDaddy’s Three-Year-Long Breach – 1+ Million WordPress Users Affected

Published: May 25, 2023 on our newsletter Security Fraud News & Alerts Newsletter.

It’s a fact that corporate data breaches happen much more often than we know about. And then there are data breaches in a category of their own, like the one discovered at GoDaddy earlier this year. The popular web hosting company announced among their data breach findings, that 1.2M of their Managed WordPress customers were affected. GoDaddy found the three-year-long breach began in March 2020 with a successfully phished employee password.

GoDaddy found evidence the attackers accessed their network the entire time for a range of nefarious activities. They released a statement about the breach saying, “We have evidence…this incident was carried out by a sophisticated and organized group targeting hosting services like GoDaddy…their apparent goal is to infect websites and servers with malware for phishing campaigns, malware distribution and other malicious activities.”

Tracking the Breach Breadcrumbs

GoDaddy says the hacking campaign became known in late 2022. That’s when their Managed WordPress customers began reporting getting redirected to random domains and not to their own websites.

GoDaddy followed this clue, leading them to uncover the three-year breach and those behind it. They went on to say “…we are actively collecting evidence and information regarding their tactics and techniques to help law enforcement.”

Website redirecting is a tool that cybercriminals use to steal login and other data. It happens quickly, and many don’t realize they’re being redirected to a “spoofed” website. The site looks like what you expect to land on, so there’s no hesitation entering your password and other login data. Once done, the web page disappears in a flash, taking with it your password and your PII.

Password Phishing

GoDaddy’s believes the attack began with a phished employee password. It’s an example of the enormous damage one compromised password can lead to in the wrong hands. What happened with GoDaddy happens to individual users too – on a smaller scale but equally devastating.

Keeping passwords unique, long, and secure for every online account is an important start. Taking that a step further, never give up or share your passwords with anyone, anywhere, at any time. Hackers do and say anything to steal your password, and nothing is off-limits. No matter what excuse you’re told, don’t fall for it. Remember, a legitimate business would never ask for your password, so don’t get phished!

Keep up to date: Sign up for our Fraud alerts and Updates newsletter

Want to schedule a conversation? Please email us at


bottom of page