GoDaddy Data Breach

On November 22, 2021 GoDaddy, an American publicly traded Internet domain registrar and web hosting company announced a security incident that affects Managed WordPress Service. The incident happened on November 17, 2021 when the company discovered unauthorized third-party access to their Managed WordPress hosting environment.
The investigation currrently runs but GoDaddy ascertained that from the beginning of September 6, 2021, the unauthorized third party used the vulnerability to gain access to the varied customer information.

American internet domain registrar suffered massive data breach

“We are sincerely sorry for this incident and the concern it causes for our customers. We, GoDaddy leadership and employees, take our responsibility to protect our customers’ data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection,” Demetrius Comes, Chief Information Security Officer.

Upon the detection, the company immediately blocked the unauthorized third party from the system. GoDaddy contacted directly all impacted customers with specific details. Company already informed appropriate law enforcement and with the help of an IT forensics firm began an investigation.

Soon after the data breach discovery the company acquired the next facts and possible solutions concerning it:

Spammers used GoDaddy subdomains to conduct large campaing

Last year GoDaddy got on the news when spammers used its 15,000 subdomains to redirect to spam pages with some of them impersonating popular and well trusted websites. The spam campaign changed its behavior over some time but still allowed automatic identification. The initial inducement came via email and the URL was changed into a short link. Spammers did so in order to keep the potential victims oblivious about the prime landing place.

One Palo Alto Networks customer received hundreds of these spam emails. The activity meant to be part of the affiliate marketing business. That means when advertisers pay affiliates to promote their products. Principally, an advertiser pays for traffic that will redirect to their sale page. Technically, specialists deem it as a legitimate thing, but when affiliates use such slapdash methods for traffic generation, it puts the additional burden on the marketing company to filter out these.