Web registrar and hosting company GoDaddy announced Monday that email addresses of up to 1.2 million active and inactive Managed WordPress customers were accessed by an unauthorized third party using a compromised password.
In a disclosure filed with the SEC, GoDaddy Inc. said that the data breach incident was discovered on Nov. 17. “Upon identifying this incident, we immediately blocked the unauthorized third party from our system,” said Demetrius Comes, the company’s Chief Information Security Officer, in the filing. An investigation is currently ongoing.