Web hosting company GoDaddy said email addresses of up to 1.2 million active and inactive Managed WordPress customers had been exposed in an unauthorized third-party access.
The US-based company said the cyber security incident was discovered on Nov. 17 and the third-party accessed the system using a compromised password.
“We identified suspicious activity in our Managed WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and contacted law enforcement,” Chief Information Security Officer Demetrius Comes said in a filing.
The tech company said it had immediately blocked the unauthorized third party, and an investigation was still going on. GoDaddy did not reveal more details about the attacker and the impact on its IT systems.
GoDaddy recently raised its full year revenue guide to approximately $3.765 billion, representing 14 percent year over year growth.
GoDaddy expects revenue of approximately $970 million, or 11 percent year over year growth, for the fourth quarter ending December 31, 2021.
GoDaddy said ARR from Create and Grow group of products, which includes Websites + Marketing, Managed WordPress, Sellbrite, and GoDaddy Studios, surpassed $400 million in Q3.