Over One Million GoDaddy Customers Caught Up in Data Breach

Domain registrar and hosting company GoDaddy confirmed a new data breach. This is not the first time the company has suffered a security breach. In this latest one, at least 1.2 million customers have been affected.

The disclosure was made in a document filed with the US Securities and Exchange Commission as part of GoDaddy's obligations as a publicly traded entity. The filing attributed the attack to an "unauthorized third party". The initial breach was effected on September 6 and whatever threat actor was behind it managed to maintain uninterrupted access and remain under the radar for more than two months. The issue was finally spotted in mid-November.

The threat actors had compromised GoDaddy's Managed WordPress hosting environment. In essence, this service allows GoDaddy customers to make use of the WordPress platform in an environment hosted by GoDaddy, without the need for the customer to update and maintain the platform's internals.

The threat actor used a "compromised password" to access GoDaddy's servers.

Different types of data for different customers were accessed in the data breach. This includes 1.2 million emails and customer numbers of current and inactive customer accounts, sFTP and DB username and password combos (with passwords already having been reset by GoDaddy at the time of the filing), SSL certificate private keys for a portion of currently active customers.

Security experts outlined a few scenarios of what potential malicious actions threat actors might be able to pull off with the stolen data and none of them were particularly pretty. The scenarios ranged from hijacking domains and ransoming them out to their legitimate owners, to redirecting page visitors to pages that mimic the legitimate ones and then scraping any information entered on the spoofed pages.

A chief security researcher with AppViewX called some of the possible ugly scenarios "extinction-level events".

Reporting on the issue, ThreatPost outlined a string of three more security incidents that GoDaddy suffered in 2020 alone.

November 23, 2021

Cyclonis Backup

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.