If you own a GoDaddy Managed WordPress account then you could have had your data stolen and breached. Wordfence have reported this issue in more details here, however the gist is;
If you have a GoDaddy Managed WordPress account then your details and your passwords have been made available to hackers for almost 2 months!
If you reuse passwords this could be very very serious!
So IF you are one of the people that did trust GoDaddy with your Managed WordPress hosting account then you should
- change your passwords on the site, admin access, FTP access and GoDaddy access asap
- if those passwords have been used anywhere else – change those as well
- also if you have an ecommerce wordpress site or a site that allowed people to create an account then those details could also have been stolen – you would need to report this to your own customers as a breach as well – so check any legislation for your area on how you should report this breach and what you need to do
- lastly you will need to run a check on your website(s) within your GoDaddy account – look for any issues and any compromised areas. Check plugin files for plugins that maybe do not exist
- don’t forget to check the email addresses also used as your login as those also will have been compromised and could be used in phishing
This is very serious breach and one of the largest that I have heard of, certainly with a company that people seemed to trust and quite often are used more by joe public then web professionals – if you are in this situation and are unsure as to what to do let me know and I will do what I can to help.