GoDaddy isn't the only web hosting firm caught up in mega breach


The recent GoDaddy breach that impacted more than 1.2 million users isn’t limited to that web hosting company; it also affected a whole slew of resellers.

A day after the breach occurred, the company announced that tsoHost, Media Temple, 123Reg, Domain Factory, Heart Internet, and Host Europe were all affected as well.

GoDaddy VP of Corporate Communications Dan Race told TechRadar Pro, "The GoDaddy brands that resell GoDaddy Managed WordPress are 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple and tsoHost. A small number of active and inactive Managed WordPress users at those brands were impacted by the security incident. No other brands are impacted. Those brands have already contacted their respective customers with specific detail and recommended action."

Wider impact

While tsoHost, 123Reg, Domain Factory, Heart Internet, and Host Europe were bought out by GoDaddy in 2017, Media Temple was acquired back in 2013. 

Both Media Temple and tsoHost have already begun sending out emails to warn users of the data breach.

It seems that all of the impacted hosting providers use the same URL, starting with https://myh.secureserver.net/#/hosting/mwp/v1/, for provisioning, account management, and configuration of their Managed WordPress offers. What’s more, they store sFTP passwords, which can then be found in plaintext.

As per the earlier report, a malicious actor used a compromised password to access GoDaddy’s database sometime around September 6. It took GoDaddy more than a month to spot the intrusion, as it said it discovered the breach on November 17.

The 1.2 million active and inactive users that were compromised in this attack have had their email addresses and customer numbers exposed, the company further said. It warned that these sites were at additional risk of phishing attacks, and said that the original WordPress admin password, which is created with the first installation of WordPress, is also exposed. This means that if webmasters fail to change the “factory” password, their websites could be in particular danger.

GoDaddy has more than 20 million customers worldwide.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
