Note: Lyons Web Solutions is in no way connected/affiliated with GoDaddy. Our customers have not been affected by the GoDaddy hack. This article is simply for informational purposes.
GoDaddy Hacked: Beginning on September 6th, 2021, GoDaddy’s servers were hacked and customer data was compromised. As a result of the hack, many customers’ private information was put at risk.
GoDaddy is a popular hosting provider for both personal and business websites. GoDaddy hosts over 82 million domains which makes them one of the largest hosting companies in the world. Shared hosting is the most popular form of web hosting. Low-cost and easy to use, it’s a great way to build your website. Unfortunately, many people are unaware that shared hosting environments often come with risks. The more customers on a server, the more risk there is for security breaches.
If you use GoDaddy shared hosting for your business website or a personal blog, it might be time to consider switching hosts.
The Risk of Shared Hosting
Shared hosting is an affordable way to get your website online. You can register for shared hosting for as little as $3.99 per month. With shared hosting, you share space on a server with other websites. The more people on the server, the more risk there is for security breaches.
On September 6th, 2021 GoDaddy servers were hacked and leaked data was posted on the internet. This means that customers’ personal information was put at risk. If you use GoDaddy shared hosting for your business website or a personal blog, it might be time to switch hosts or at very least update your passwords.
GoDaddy has been hacked before, and there’s always a chance it will happen again. If you’re using their shared hosting services, this could be a problem. You’ll want to look into another form of hosting, like using Amazon Web Services.
GoDaddy Hacked: How Did it Happen?
Shared hosting is a great way to get started and build your website. However, for this to be effective, you need to know the risks and how to minimize them. The more customers on a server, the more risk there is for security breaches.
In the public security incident disclosure released November 22nd, 2021, Demetrius Comes, GoDaddy Chief Information Security Officer, explained the details of the GoDaddy hack:
“Using a compromised password, an unauthorized third party accessed the provisioning system in our legacy code base for Managed WordPress,” he explains. “Our investigation is ongoing and we are contacting all impacted customers directly with specific details.”
According to the disclosure, GoDaddy determined that beginning on September 6, 2021, the “unauthorized third party” used a compromised password to gain access to the following customer information:
- Up to 1.2 million active and inactive Managed WordPress customers had their email address and customer number exposed. The exposure of email addresses presents risk of phishing attacks.
- The original WordPress Admin password that was set at the time of provisioning was exposed. If those credentials were still in use, GoDaddy reset those passwords.
- For active customers, sFTP and database usernames and passwords were exposed. GoDaddy reset both passwords.
- For a subset of active customers, the SSL private key was exposed. GoDaddy is in the process of issuing and installing new certificates for those customers.
GoDaddy Customers: What to Do After the Hack
While the GoDaddy hack was a major breach and did reveal people’s personal information, GoDaddy has taken steps to make sure it doesn’t happen again. They’ve implemented stronger security measures and privacy policies. While the data breach might not have been GoDaddy’s fault, take time to assess what hosting company you’re using and make sure your personal and business information is safe.
As a precautionary measure, it’s recommended to update your passwords and security questions to better protect your information. If you’ve been using the same website login credentials for years, it might be time to change them. If you have any questions or concerns about the data breach, reach out to GoDaddy. They’ll be able to answer any questions you have and show you how they’re addressing the issue.
Check out this article from iThemes security for more information on how to secure your GoDaddy site.
GoDaddy Customers: Alternative Web Hosts for You
In this post, we’ll go over some of the best alternatives to GoDaddy shared hosting. If this hack has you worried about your information security, it’s a good idea to take a look at these other web hosts.
We’ll cover a few different types of hosting:
– Website Builder: A website builder will create a domain and website for you and you’ll be able to edit it as needed. It’s a convenient way to start a site without any coding skills.
– Dedicated Hosting: Dedicated hosting is the more expensive option but it’s also more secure because your site will be hosted on a server designed for your website.
– Virtual Private Server: A virtual private server is a cost-effective option for those who need a little more power from their server.
– Co-Location Hosting: Co-location hosting is an intermediate form of web hosting that allows you to host your website on your own equipment.
As you can see, many of the popular shared hosting providers are not immune to hacking. With the increasing amount of hacks, it has become apparent that shared hosting isn’t the safest option.
If you’re looking for a more secure option, you may want to consider investing in a virtual private server or VPS. VPS’s are more expensive than shared hosting but will allow you to customize your server to meet your specific business needs.
Alternatively, if you’re not worried about having too much control over your server, you could also opt for a cloud hosting provider. Cloud hosting providers offer shared server space on their servers with an array of storage options.
Whatever your choice, it will be critical to take the necessary precautions to protect your data and ensure that your website is secure.
Feel free to contact us with any questions or project inquires.