GoDaddy is known to Israeli users primarily as a domain registrar, but the company also offers
web hosting services (not recommended). In recent days, GoDaddy reported to the US Securities and Exchange Commission (SEC) that the company's servers had been hacked and that 1.2 million WordPress website hosting accounts had been exposed to third parties. The hack exposed email accounts, GoDaddy account numbers, and WordPress admin passwords. In addition, FTP, database, and SSL passwords were also exposed.
According to the report, the initial hack occurred on September 9, 2021. The company is still investigating the circumstances of the incident, with the assistance of law enforcement and a forensic company in the US. According to GoDaddy, the company has reset all passwords and will assist users in installing new SSL certificates.
This is not the first time GoDaddy has experienced a serious breach of its hosting servers. In 2018 and 2020, similar security incidents occurred at the company, and many users' data was leaked.
After the news of the GoDaddy breach was published, it became clear that GoDaddy's
reseller hosting services were also affected, including Host Europe and Media Temple. Here too, user login details were exposed, and it took some time for the problem to be fixed.
As mentioned, hosting on GoDaddy's servers is not recommended, and not only because of security issues—their service is notorious for its inefficiency, and they do not provide advanced hosting services. In addition, their shared hosting servers are frequently hacked.
At Linux Hosting, we place the utmost importance on information security and protecting your websites. For more information on
secure website hosting.
How this breach differs from typical WordPress hacks
The GoDaddy breach wasn't through a vulnerable WordPress plugin — it was through the provider's own infrastructure. Attackers gained access to GoDaddy's database, leaking 1.2 million customer records and internal SSH keys for the managed environment. This is a rare but instructive case — it highlights the risk of concentrating all your eggs in one basket at a mega-provider.
What GoDaddy customers should do
- Change all passwords related to the account: cPanel/Managed WP login, FTP, database, and WordPress Admin users.
- Review login logs in cPanel and WordPress for the period since the first breach.
- If a personal SSH key was deployed — rotate it and check there are no new keys you didn't add.
- Run a full security scan on the site with Wordfence or Imunify360.
- Consider migrating to another provider if trust is lost.
Lessons we can take away
Infrastructure breaches at hosting providers happen periodically — we've seen several incidents at major providers. Best defense: reduce over-reliance on a single provider, maintain off-provider external backup (BackBlaze, S3), enable 2FA on the admin account, and choose a provider with reasonable transparency about security incidents.
We at Linux Hosting commit to notifying customers within 48 hours of any suspected security incident affecting their data.