GoDaddy claims that various Managed WordPress services resellers have been affected by the newly revealed data hack that affected around 1.2 million customers. Go Daddy’s Dan Rice announced that tsoHost, 123Reg, Media Temple, Heart Internet, Domain Factory, and Host Europe are the six resellers affected by the effective hack.
After purchasing web hosting and cloud services businesses Host Europe Group in 2017 and Media Temple in 2013, GoDaddy bought these brands. Rice notified WordPress security company Wordfence that the security breach affected a limited number of active and inactive Managed WordPress users at those businesses.
GoDaddy detected the data breach last Wednesday, but the company’s Managed WordPress hosting environment had been compromised since at least September 6, 2021, when unknown threat actors gained access.
In data breach notification letters, GoDaddy said that the investigation is ongoing. Still, they have found that an unauthorized entity may have gained access to your Managed WordPress service and been able to make changes to it, including changing your website and the material stored on it. On its website, GoDaddy has yet to make a public announcement about data theft.
It isn’t the first time the web hosting behemoth has acknowledged a data breach or a cybersecurity problem in recent years. In May of last year, GoDaddy notified customers that cybercriminals had exploited their web hosting account credentials to log in to their hosting account using SSH.
The intrusion was detected after GoDaddy’s security team identified a changed SSH file in the company’s hosting environment and saw unusual behavior on a subset of the company’s servers. In 2019, GoDaddy secretly inserted JavaScript onto the websites of US clients, potentially leaving them unusable or negatively harming their overall performance.