Well shit. That sounds pretty fcking bad https://t.co/CrruUEnec6

— Damien P. Williams, MA, MSc, ABD, Patternist (@Wolven) November 22, 2021

Ruh roh - this massive breach SUCKS for GoDaddy customers, many of whom aren't all that tech savvy. Too bad @GoDaddy didn't put some of the money they received from forcing upsells on customers at every opportunity into security. https://t.co/OlqkjW3L3q

— Crosstalk Solutions (@crosstalksol) November 22, 2021

User data AND site data ... admin passwords for WordPress installs (!!)

Expect a ton of DDOS attacks and spam email onslaughts to come out of this ...

>> GoDaddy discloses recent security breach that exposed 1.2 million accounts https://t.co/c4ZEwK2ZHf

— John Koetsier, CEO of $SMRT (@johnkoetsier) November 22, 2021

Another week, another user data breach :(

"Anything up to 1.2 million users have seen their email address and customer number exposed, as well as admin passwords for both WordPress sites hosted on the platform, plus passwords for sFTPs, databases and SSL private keys." https://t.co/WqxGNWiaL6

— Dan Moore (@mooreds) November 22, 2021

Godaddy hacked - including admin passwords for both WordPress sites hosted on the platform, as well as passwords for sFTPs, databases and SSL private keys. https://t.co/NqgzGZwoGT

— /r/netsec (@_r_netsec) November 22, 2021

Well, thats not good

1.2 Million accounts breached.

GoDaddy filed a statement their legacy WordPress provisioning system was accessed using a compromised password

So, GoDaddy does not use MFA/2FA

They had access Sept 6 2021 until November 17 2021https://t.co/ZEqxVeExQF pic.twitter.com/XUjW8rvj73

— James McMurry (@jmcmurry) November 22, 2021

We’ve been here before…

If you have an account now is the time to 1) review password/username/login details 2) keep an eye on credit, be on alert for odd spending and phishing emails, etc. 3) do you use the same password on other accounts? Change that now https://t.co/fsHZlDDNYm

— Takara Small (@takarasmall) November 22, 2021

No MFA at GoDaddy?

"Using a compromised password, an unauthorized third party accessed the provisioning system in our legacy code base for Managed WordPress."

SEC filing: https://t.co/15IrGTwo9c

— Ryan Naraine (@ryanaraine) November 22, 2021

NoDaddy! https://t.co/kTxWkUoUGY

— Corey Quinn (@QuinnyPig) November 22, 2021

Data breach at @GoDaddy:

“The company said that active customers had their sFTP credentials (for file transfers), and the usernames and passwords for their WordPress databases, which store all the user’s content, exposed in the breach.” https://t.co/8HOfzVqVaY

— Troy Hunt (@troyhunt) November 22, 2021

New: Web host GoDaddy has confirmed a data breach affecting 1.2 million customers, who use WordPress. GoDaddy said email addresses and customer IDs were accessed, and in some cases customer database passwords and SSL private keys were exposed. https://t.co/ak5NlFsnn1

— Zack Whittaker (@zackwhittaker) November 22, 2021

Not saying this was expected, but I haven't exactly heard anything positive about working with their security team... https://t.co/rTYRnjYQMZ

— Sam Curry (@samwcyo) November 22, 2021

I deleted my GoDaddy account a few years ago when I stoped using them. I deleted it because I figured that something like this could happen. It's nice to feel validated. https://t.co/9jD1vY63nv

— Will C newest ANDnXOR intern (@WillCaruana) November 22, 2021

Hey @godaddy there is big difference between selling “hosting” and knowing @WordPress. Security of customers & their information comes first. https://t.co/HdXzDvhSLL

— OM (@om) November 22, 2021

GoDaddy disclosed today that it suffered a data breach that impacted the details of 1.2 million WordPress site ownershttps://t.co/Z8uJdEgJLO pic.twitter.com/00HjAu6qHo

— Catalin Cimpanu (@campuscodi) November 22, 2021

#GoDaddy #databreach impacts 1.2 million #WordPress site owners. Breached data includes: the original WordPress Admin password that GoDaddy issued to customers when a site was created, also the
sFTP and database usernames and #passwords were exposed.
https://t.co/anKlW4bxhg

— Sam Stepanyan (@securestep9) November 22, 2021

How do you think you can detect this earlier? ?#wordpress #databreach #CyberSecurity #infosec https://t.co/Mq1w1e8tNk

— faradaysec (@faradaysec) November 22, 2021

GoDaddy security breach exposes WordPress users' data https://t.co/GVg0g8nTNK

— Justin Hendrix (@justinhendrix) November 22, 2021

Hosting Wordpress on Godaddy? Time to rotate passwords and keys! ?https://t.co/XY2VPBrlzX

— Recon InfoSec (@Recon_InfoSec) November 22, 2021

Have a Wordpress Account on GoDaddy? You need to read this.https://t.co/hipVFicOEW#privacy #security #databreach

— Cory Underwood (@randomnessncats) November 22, 2021

GoDaddy breached. Affects 1.2M customers. More on this shortly. https://t.co/NzVdbV6Sh2

— Wordfence (@wordfence) November 22, 2021

GoDaddy Breach Exposes 1.2 Million Managed WordPress Customer Accounts https://t.co/9nRhev3ElK

— Ken Westin (@kwestin) November 22, 2021

Hey law firms with Wordpress sites (so, basically all of them ?): change your admin password. https://t.co/XUjDJGXcY0

— Jasmine Gavigan (@JasmineGavigan) November 22, 2021

Over a million #WordPress sites breached https://t.co/JDOqhCU2NP via @ZDNet & @sjvn Yeah, about that guarantee @GoDaddy… #security

— Steven J. Vaughan-Nichols (@sjvn) November 22, 2021

Over a million WordPress sites breached https://t.co/jHT9GArnFK

— The Cyber Security Hub™ (@TheCyberSecHub) November 22, 2021

Over a million WordPress sites breached https://t.co/BUyH7vJPqS by @sjvn

— ZDNet (@ZDNet) November 22, 2021

GoDaddy data breach exposes information from over 1 million users https://t.co/elIlPAoImu

— Asher Wolf (@Asher_Wolf) November 22, 2021