GoDaddy Gets Hacked, 1.2 Million Customer Accounts Exposed
GoDaddy Gets Hacked, 1.2 Million Customer Accounts Exposed

By Naveen Anthrappully

Web registrar and hosting company GoDaddy announced Monday that email addresses of up to 1.2 million active and inactive Managed WordPress customers were accessed by an unauthorized third party using a compromised password.

In a disclosure filed with the SEC, GoDaddy Inc. said that the data breach incident was discovered on Nov. 17. “Upon identifying this incident, we immediately blocked the unauthorized third party from our system,” said Demetrius Comes, the company’s Chief Information Security Officer, in the filing. An investigation is currently ongoing.

Based on findings by IT forensics, the hackers gained access to customer information using the vulnerability beginning Sept. 6. The third parties had remained undetected for more than 70 days, which is concerning.

Besides email addresses, the customer number was also exposed, which may lead to phishing attacks, according to Comes.

Comes added in the filing: “For active customers, sFTP and database usernames and passwords were exposed. We reset both passwords. For a subset of active customers, the SSL private key was exposed. We are in the process of issuing and installing new certificates for those customers.”

SSL keys verify the authenticity of websites. When verified, it is shown as the lock symbol beside the URL on the browser address bar. Malicious groups might use the SSL certificates to impersonate legitimate companies for malware distribution and identity theft. According to security experts, the certificates would need to be replaced as soon as possible with new keys.

The company’s shares (GDDY) fell about 5.25 percent on closing, and its shares were hovering around the $67 mark on Tuesday.

GoDaddy is apparently in touch with the affected customers and is taking steps to strengthen security for preventing another attack. But this is not the first time the company has faced flak for unauthorized breaches.

In 2018, an AWS error exposed data regarding their business related to servers and cloud storage services with GoDaddy.

Last year, data from almost 28,000 customers were compromised by hackers through an altered SSH file. The breach occurred on Oct. 19, 2019, and was discovered on April 23, 2020.

Again in 2020, the company was part of a group of sites taken down in a cryptocurrency hack.

GoDaddy, based in Tempe, Arizona, is one of the largest hosting companies in the world, with a reported 20 million user accounts and over 7,000 employees.

GoDaddy has not immediately responded to The Epoch Times’ request for comment.

Affiliate News Feeds

  • Hardware
  • Internet of Things
  • Networking
  • Industry News
  • Software

A new single board computer range offers developers flexibility and the option of custom hardware. The post OKdo partners with Radxa to deliver new ROCK SBCs appeared first on TechRepublic. [...]

Cybersecurity threats and attacks are on an upswing with no end in sight. It’s clear that organizations must do more to protect their data and employees. AMD and Microsoft have… [...]

The need to protect your Mac's data should prove no surprise, but there are many options beyond using iCloud and Time Machine. Here are several leading options, should you need… [...]

A new single board computer range offers developers flexibility and the option of custom hardware. The post OKdo partners with Radxa to deliver new ROCK SBCs appeared first on TechRepublic. [...]

Blockchain and edge computing can be a formidable combination in terms of power, scalability and versatility. The post How blockchain and edge computing can work together appeared first on TechRepublic. [...]

IoT use cases continue to grow as this report projects that the IoT-enabled asset tracking and monitoring market will witness exponential growth in the coming years. The post IoT-based asset… [...]

Jack Wallen shows you how to quickly get Samba shares up and running on any Linux distribution based on Red Hat Enterprise Linux. The post How to install and configure… [...]

Google Fiber hopes to expand its reach to deliver one of the fastest fiber networks to multiple U.S. communities. The post Google Fiber plots speedy multi-gig future appeared first on… [...]

Learn the basics of automation in Windows PowerShell for just $19.99 with this certification bundle. The post Automate Windows administration with PowerShell: Learn how in this training course appeared first… [...]

Cybersecurity threats and attacks are on an upswing with no end in sight. It’s clear that organizations must do more to protect their data and employees. AMD and Microsoft have… [...]

Professional risk factors into career decisions, and successful women need to encourage other women to accept the risks, says Accenture. The post Report finds women are declining CISO/CSO roles appeared… [...]

CompTIA finds tech investments will support innovation and recruitment, while Verizon Business reveals 31% of SMBs will cut tech investments. The post Two SMB reports reveal differing views on tech… [...]

Data observability tools allow you to monitor what is happening to your data. Here is a list of the top data observability tools of 2022. The post Best observability tools… [...]

Once you decide the default Auto Date table isn’t adequate, you can create one that fulfills your grouping and filtering requirements in Microsoft Power BI. The post How to create… [...]

Talend is one of the most popular tools for data quality. Get details on using Talend's tools for data profiling, cleaning, standardization, matching and deduplication. The post Data quality solutions… [...]