News

GoDaddy Data Breach

On November 22, 2021 GoDaddy, an American publicly traded Internet domain registrar and web hosting company announced a security incident that affects Managed WordPress Service. The incident happened on November 17, 2021 when the company discovered unauthorized third-party access to their Managed WordPress hosting environment.
The investigation currrently runs but GoDaddy ascertained that from the beginning of September 6, 2021, the unauthorized third party used the vulnerability to gain access to the varied customer information.

American internet domain registrar suffered massive data breach

“We are sincerely sorry for this incident and the concern it causes for our customers. We, GoDaddy leadership and employees, take our responsibility to protect our customers’ data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection,” Demetrius Comes, Chief Information Security Officer.

Upon the detection, the company immediately blocked the unauthorized third party from the system. GoDaddy contacted directly all impacted customers with specific details. Company already informed appropriate law enforcement and with the help of an IT forensics firm began an investigation.

Soon after the data breach discovery the company acquired the next facts and possible solutions concerning it:

  • For a subgroup of operating customers, attackers exposed the SSL private key. GoDaddy righ now runs the process of installing and issuing new certificates for those customers;
  • The original WordPress Admin password that company issued at the time of providing attackers also exposed. If those credentials were still in use, they reset those passwords;
  • Again, for operating customers, sFTP and database usernames and passwords were exposed. Company reset both passwords together;
  • Nearly 1.2 million operating and non-operating Managed WordPress customers had their customer number and email address exposed. The exposure of email addresses has a risk of potential phishing attacks endangering.
  • Spammers used GoDaddy subdomains to conduct large campaing

    Last year GoDaddy got on the news when spammers used its 15,000 subdomains to redirect to spam pages with some of them impersonating popular and well trusted websites. The spam campaign changed its behavior over some time but still allowed automatic identification. The initial inducement came via email and the URL was changed into a short link. Spammers did so in order to keep the potential victims oblivious about the prime landing place.

    One Palo Alto Networks customer received hundreds of these spam emails. The activity meant to be part of the affiliate marketing business. That means when advertisers pay affiliates to promote their products. Principally, an advertiser pays for traffic that will redirect to their sale page. Technically, specialists deem it as a legitimate thing, but when affiliates use such slapdash methods for traffic generation, it puts the additional burden on the marketing company to filter out these.

    Andrew Nail

    Cybersecurity journalist from Montreal, Canada. Studied communication sciences at Universite de Montreal. I was not sure if a journalist job is what I want to do in my life, but in conjunction with technical sciences, it is exactly what I like to do. My job is to catch the most current trends in the cybersecurity world and help people to deal with malware they have on their PCs.

    Recent Posts

    Remove News-bpudepi.today Pop-up Ads

    About News-bpudepi.today News-bpudepi.today pop-ups can not launch out of the blue. If you have actually…

    1 day ago

    Remove Doguhtam.xyz Pop-up Ads

    About Doguhtam.xyz Doguhtam.xyz pop-ups can not expose out of nowhere. If you have clicked some…

    1 day ago

    Remove News-xlixoti.com Pop-up Ads

    About News-xlixoti.com News-xlixoti.com pop-ups can not introduce out of nowhere. If you have actually clicked…

    1 day ago

    Remove Ducesousightion.com Pop-up Ads

    About Ducesousightion.com Ducesousightion.com pop-ups can not introduce out of the blue. If you have actually…

    1 day ago

    Remove News-xlabica.live Pop-up Ads

    About News-xlabica.live News-xlabica.live pop-ups can not launch out of the blue. If you have actually…

    1 day ago

    Remove Mergechain.co.in Pop-up Ads

    About Mergechain.co.in Mergechain.co.in pop-ups can not expose out of the blue. If you have clicked…

    1 day ago