GoDaddy agrees to implement standard data security to protect websites and data!

SCWorld.com reported that “In a May 21 settlement, the Federal Trade Commission (FTC) reached an agreement with GoDaddy to settle allegations that the popular webhosting provider misled its customers by failing to implement data security protections, practices that led to multiple data breaches.”  The May 22, 2025 article entitled " FTC orders GoDaddy to establish a comprehensive security program” (https://tinyurl.com/52v5txhb) included these comments:

The FTC alleged in January 2025 that despite claiming it provides “award-winning security,” GoDaddy failed to implement standard data security tools and practices to protect customer websites and data.

For example, the FTC said GoDaddy failed to use multi-factor authentication (MFA), monitor for security threats, and secure connections to its consumer data. These failures led to several data breaches that led bad actors to gain unauthorized access to customer websites and data.

Security pros have long been concerned about GoDaddy’s lack of transparency on data breaches that were first made public in the spring of 2020. The concerns are warranted given that GoDaddy boasts roughly 21 million subscribers.  

Sure is bad news for the GoDaddy subscribers, but hopefully the agreement with the FTC will solve all the deficiencies.