The Southern Maryland Chronicle reports:
The Federal Trade Commission finalized a settlement with GoDaddy on May 23, 2025, addressing allegations that the web hosting provider misled consumers about its data security practices, leading to multiple data breaches. The order, approved unanimously by a 3-0 vote, mandates significant security upgrades and prohibits GoDaddy from making false claims about its protections.
In January 2025, the FTC alleged that GoDaddy failed to implement basic security measures despite advertising “award-winning security.” The agency cited the company’s lack of multi-factor authentication, inadequate threat monitoring, and unsecured data connections, which enabled unauthorized access to customers’ websites and data in several breaches. Additionally, the FTC claimed GoDaddy deceived users by falsely stating compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks, international data protection standards.
“GoDaddy’s failure to use standard data security tools left customers vulnerable,” an FTC spokesperson said in a statement. The breaches exposed sensitive information, undermining consumer trust in the company’s hosting services, which support millions of websites globally.
The finalized order imposes strict requirements on GoDaddy.
Read more about the requirements at The Southern Maryland Chronicle.
