We’ve all heard of GoDaddy. We’ve seen their Superbowl commercials. You probably know a WordPress ecommerce store owner that uses their managed hosting services.
What you may not have heard is there was an enormous GoDaddy security breach recently. GoDaddy recently exposed the data of 1.2 million managed WordPress hosting customers, including a high number of ecommerce websites.
If you know a GoDaddy customer, you might want to send them this blog. We’ll be covering the following questions:
- How did the security breach happen?
- What makes the GoDaddy security breach different?
- What can a hacker do if they access the data GoDaddy breached?
- What is the fallout of a security attack like this?
- Essential WordPress managed hosting security features
- What can we learn from this security breach?
Here’s What Happened
According to GoDaddy, the security breach occurred in early September 2021 and was detected in late November 2021. It is the latest in a series of data breaches among large hosting providers, some of whom power big name brands.
But for the most part, these data breaches affect small to medium-size businesses (SMBs) in ecommerce. 50% of all cyberattacks target SMBs.
In the case of GoDaddy, it only took one compromised password to access 1.2 million managed WordPress accounts. One.
The GoDaddy data breach reminds us of the vulnerabilities SMBs face in today’s digital landscape. Managed WordPress customers often depend on their hosting providers to take care of security.
GoDaddy wasn’t doing that.
What Makes the GoDaddy Data Breach Different?
The GoDaddy hack exclusively targeted managed WordPress hosting customers. Managed hosting services allow ecommerce store owners to set up domains, hosting, security, and website tools in one easy location. It’s the most efficient way to manage and grow an ecommerce business.
But if your managed hosting provider isn’t following security best practices, hackers can gain access to all of the features managed hosting provides.
Think of it this way: if it were a brick and mortar store, a hacker would be able to unlock the front door, watch your customers, steal billing documents, and snoop through personal information — all while remaining undetected.
In the case of GoDaddy, they didn’t even know the hacker was there until two months later.
What Can a Hacker Do with the Data GoDaddy Breached?
Let’s say you were one of GoDaddy’s WordPress managed hosting customers. Here’s what the hacker could do:
- Access your WordPress Admin password and open your dashboard.
- Send you emails, text messages, and call you.
- Access any file transfers you’ve made, including invoices, billing data, backups, and directories.
- Obtain and use your SSL certificate, which can open you up to fraud.
- Access your customer data, including emails, personal information, and addresses.
GoDaddy has since “re-keyed” all of the websites affected, providing new SSL codes and passwords. But once that information is out there, there is no telling where it will go.
Update: 2022 GoDaddy Hack
Following the December 2021 GoDaddy security breach, a new hacking campaign struck GoDaddy managed WordPress users again in March 2022.
Almost 300 sites were found to be infected with a backdoor payload which had been in use for at least seven years. Hackers added it to the beginning of wp-config.php in order to create spammy Google results intended to infect sites.
Researchers speculate that the 2022 attack may be linked to the 2021 GoDaddy data breach.
To protect their sites, GoDaddy's managed WordPress customers need to manually review their wp-config.php file or scan it with malware detection.
What is the Fallout of an Attack Like This?
WordPress store owners know that their customer-facing website is just the top layer of how ecommerce operates. What a customer sees is powered by hard work.
For hosting providers, this is called the front end — being your storefront — and the backend — being the code, plugins, and content that allow customers to purchase.
When a data breach occurs, hackers enter through the backend. When they have access to backend data, they can cause site downtime, spread malicious links, create phishing attacks, and create code vulnerabilities.
A security breach can ignite high-volume customer communication, negative reviews, and a decline in sales. If you have investors or partner with other companies, the breach will also impact those relationships.
Recovering your reputation could take months or years, especially in the eyes of Google. If your site was spreading malicious links, it might be a while before you see clicks in the search engines again.
The good news is that attacks like the GoDaddy data breach are 100% preventable. If your managed hosting provider is doing it right, you won’t have to worry about your data being stolen.
Essential Managed Hosting Security Features
The best managed hosting providers offer 100% transparency on their security features and updates. Security should be visible, accessible, and updated automatically.
Here are the essential features ecommerce store owners need to stay safe in today’s digital world:
Nexcess vs. GoDaddy
Nexcess | GoDaddy | |
Premium SSL certificates | Yes | Yes |
1-Click SSL Encryption | Yes | No |
Transfer Existing SSL | Yes | Limited |
Firewall enhancements | Yes | Limited |
PCI compliant | Yes | Meets requirements |
Proactive patches | Yes | No |
Automated plugin updates | Yes | Limited |
WordPress core security patches | Yes | Yes |
Malware scans | Yes | Yes |
Daily backups | Yes | Yes |
Security plugin recommendations based on your site’s needs | Yes | No |
24/7 phone support | Yes | No |
24/7 live chat support | Yes | No |
24/7 email support | Yes | Submit ticket |
Want to learn more? Here’s how to make your website more secure.
What We Learned from the GoDaddy Breach
GoDaddy’s security breach, in addition to other recent hosting data breaches, reminds us that online stores need robust protection. And that protection has to move faster than ecommerce does.
Most articles will tell WordPress store owners to stay vigilant. But this event wasn’t their fault.
Their hosting providers need to maintain and exceed security best practices.
You wouldn’t accept a faulty lock on your brick and mortar store, nor should you accept substandard security on your ecommerce website. Choose your WordPress hosting provider wisely!
Nexcess provides the best-in-class security for managed hosting customers. Our always-on security pledge means that your store is protected at all times. Nexcess security experts strengthen our infrastructure every day, adding new firewalls and authentications. And because you own your data, we can never access it without your permission.
Questions about your Nexcess security? Contact us 24/7/365.