GoDaddy breach widens to include reseller subsidiaries

News
By ( ChannelPro ) published

123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple, and tsoHost also affected

Open padlock on circuit board

The recent GoDaddy breach which affected 1.2 million customers has now widened to include subsidiaries that resell the firm’s Managed WordPress offering.

The hosting company has revealed that the companies are 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple and tsoHost.

GoDaddy confirmed to Wordfence that several of the resellers’ customers have been affected by the attack, which is said to have exposed email addresses, customer numbers, administrative login details, and even SSL private keys since it began.

The hosting giant stopped short of confirming how many additional users have now been affected, however.

“The GoDaddy brands that resell GoDaddy Managed WordPress are 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple, and tsoHost,” Dan Rice, vice president of corporate communications at GoDaddy, revealed to Wordfence.

“A small number of active and inactive Managed WordPress users at those brands were impacted by the security incident. No other brands are impacted. Those brands have already contacted their respective customers with specific detail and recommended action.”

As reported by our sister website ITPro, GoDaddy revealed in a public filing to the SEC that an intruder had gained entry to its Managed WordPress hosting environment on Nov 17, having used a stolen password to access the provisioning system for the service.

The company disclosed that up to 1.2 million active and former users of its managed service had their email addresses and company numbers exposed. It also had to reset passwords after sFTP and database usernames and passwords were also stolen.

Additionally, GoDaddy is currently issuing new certificates for a “subset of active customers” that had their SSL private keys exposed.

It was also discovered that the attacker had been inside the system since September 6, equating to more than two months of access to the data.

"We are sincerely sorry for this incident and the concern it causes for our customers," the company said in its filing. "We, GoDaddy leadership and employees, take our responsibility to protect our customers’ data very seriously and never want to let them down.

“We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection."

Daniel Todd
Daniel Todd

Dan is a freelance writer and regular contributor to ChannelPro, covering the latest news stories across the IT, technology, and channel landscapes. Topics regularly cover cloud technologies, cyber security, software and operating system guides, and the latest mergers and acquisitions.

A journalism graduate from Leeds Beckett University, he combines a passion for the written word with a keen interest in the latest technology and its influence in an increasingly connected world.

He started writing for ChannelPro back in 2016, focusing on a mixture of news and technology guides, before becoming a regular contributor to ITPro. Elsewhere, he has previously written news and features across a range of other topics, including sport, music, and general news.

Read more
Ransomware concept image showing digitized padlock pictured on a laptop screen on red background
850,000 patients may have been affected in the Globe Life breach after firm revises victim list
Security tools concept image showing multiple locked padlocks with one opened padlock placed in middle.
Western Alliance Bank admits cyber attack exposed 22,000 customers
TalkTalk logo and branding pictured on a smartphone with binary code in background.
‘Wholly inaccurate and very significantly overstated’: TalkTalk confirms data breach probe – but says it's not as bad as claimed
IoT security concept image showing illuminated digitized padlock lined up with transparent padlocks.
Insurance sector urged to sharpen up third-party risk management as attacks surge
angled view of a dialogue box with a purple Malware icon surrounded by other neon blue dialogue boxes with pink backlight
A ‘significant increase’ in infostealer malware attacks left 3.9 billion credentials exposed to cyber criminals last year – and experts worry this is a ticking time bomb for enterprises
Seized servers from bulletproof hosting facility wrapped in cellphane
The Zservers takedown is another big win for law enforcement
Latest in Security
Cybersecurity concept image symbolizing third-party data breaches with give padlock symbols and one pictured in red, signifying a security breach.
These five countries recorded the most third-party data breaches last year
Phishing concept image showing an email symbol with fishing hook.
Have I Been Pwned owner Troy Hunt’s mailing list compromised in phishing attack
23andMe logo and branding pictured on a sign outside the company headquarters in Sunnyvale, California.
Millions of 23andMe users’ genetic data could be up for grabs – and experts worry it’s a looming privacy nightmare
Malware Detected Warning Screen with abstract binary code 3d digital concept
Fake file converter tools are on the rise – here’s what you need to know
Oracle logo pictured on the front of the company headquarters in Redwood City, California.
Oracle breach claims spark war of words with security researchers
Cybersecurity concept image showing digitized padlock with data points flowing out from behind.
Security experts warn of ‘contradictory confidence’ over critical infrastructure threats
Latest in News
Digital handshake concept with Hand shake between two businessmen with digital hand
SYSPRO appoints Josef Al-Sibaie to spearhead global expansion
A telephoto shot of Evan Goldberg, founder and EVP at Oracle NetSuite, pictured from the waist up speaking onstage at the opening keynote of SuiteConnect London 2025.
‘Every feature that comes into NetSuite over the coming years is going to have AI’: NetSuite’s Evan Goldberg on the future of the platform and how AI will drive customer success
ChatGPT logo and branding pictured in white coloring against a black backdrop.
DeepSeek and Anthropic have a long way to go to catch ChatGPT: OpenAI's flagship chatbot is still far and away the most popular AI tool in offices globally
Cybersecurity concept image symbolizing third-party data breaches with give padlock symbols and one pictured in red, signifying a security breach.
These five countries recorded the most third-party data breaches last year
Flexible work concept image showing woman working in office environment side by side with woman working from home.
IT professionals aren’t budging on flexible work demands – and more than half say they’ll quit if employers don’t meet expectations
Phishing concept image showing an email symbol with fishing hook.
Have I Been Pwned owner Troy Hunt’s mailing list compromised in phishing attack
More about security
Cybersecurity concept image symbolizing third-party data breaches with give padlock symbols and one pictured in red, signifying a security breach.

These five countries recorded the most third-party data breaches last year
Phishing concept image showing an email symbol with fishing hook.

Have I Been Pwned owner Troy Hunt’s mailing list compromised in phishing attack
Digital handshake concept with Hand shake between two businessmen with digital hand

SYSPRO appoints Josef Al-Sibaie to spearhead global expansion
See more latest
Most Popular
Digital handshake concept with Hand shake between two businessmen with digital hand
SYSPRO appoints Josef Al-Sibaie to spearhead global expansion
ChatGPT logo and branding pictured in white coloring against a black backdrop.
DeepSeek and Anthropic have a long way to go to catch ChatGPT: OpenAI's flagship chatbot is still far and away the most popular AI tool in offices globally
A telephoto shot of Evan Goldberg, founder and EVP at Oracle NetSuite, pictured from the waist up speaking onstage at the opening keynote of SuiteConnect London 2025.
‘Every feature that comes into NetSuite over the coming years is going to have AI’: NetSuite’s Evan Goldberg on the future of the platform and how AI will drive customer success
Cybersecurity concept image symbolizing third-party data breaches with give padlock symbols and one pictured in red, signifying a security breach.
These five countries recorded the most third-party data breaches last year
Phishing concept image showing an email symbol with fishing hook.
Have I Been Pwned owner Troy Hunt’s mailing list compromised in phishing attack
Flexible work concept image showing woman working in office environment side by side with woman working from home.
IT professionals aren’t budging on flexible work demands – and more than half say they’ll quit if employers don’t meet expectations
Cybersecurity team members discussing strategy in an open plan office space, with male and female practitioners standing and others sitting at desks.
UK tech firms have a chance to trial a four-day week this year – here's how other pilot schemes fared
Cyber security concept image showing a digitized padlock sitting on a blue colored circuit board.
LevelBlue launches new partner program that’s “built for the future”
23andMe logo and branding pictured on a sign outside the company headquarters in Sunnyvale, California.
Millions of 23andMe users’ genetic data could be up for grabs – and experts worry it’s a looming privacy nightmare
Microsoft Copilot logo and branding pictured on a smartphone screen.
Microsoft launches new security AI agents to help overworked cyber professionals