GoDaddy hack causes data breach affecting 1.2 million customers

Topic

New Reply

“In a data breach notification published today, GoDaddy said that the data of up to 1.2 million of its customers was exposed after hackers gained access to the company’s Managed WordPress hosting environment.

“The incident was discovered by GoDaddy last Wednesday, on November 17, but the attackers had access to its network and the data contained on the breached systems since at least September 6, 2021.”

https://www.bleepingcomputer.com/news/security/godaddy-hack-causes-data-breach-affecting-12-million-customers/

—

John Ruskin said, “There is hardly anything in this world that a man can’t make worse and sell cheaper; and persons who consider price only are this man’s lawful prey.”

$6.00 domain names? Um, no thanks…

Always choose your web host and Registrar VERY carefully.

Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
--
"Windows Update? Bah! I could carve a better ecosystem out of a banana!" -Jamrach Holobom

1 user thanked author for this post.

wavy

Reply | Quote

Replies

https://www.sec.gov/Archives/edgar/data/1609711/000160971121000122/gddyblogpostnov222021.htm

..We, GoDaddy leadership and employees, take our responsibility to protect our customers’ data very seriously and never want to let them down. We will learn from this incident and are already taking steps to strengthen our provisioning system with additional layers of protection…

What does ‘our responsibility’ mean ? Did anyone resigned ? Will GoDaddy compensate everyone of the 1.2 customers whos privacy has been violated by a $10,000 check ?

2 users thanked author for this post.

wavy, Nibbled To Death By Ducks

Reply | Quote

No, the Feds need to take this seriously rotten vendor out to the woodshed and have it “explained to them” first! But it won’t happen…

…until we have security standards in place, laws that define specific punishments and fines for neglect and sloppiness of those standards, and laws that spell out specific dollar amounts for fines for those individuals responsible, AND their parent institutions, along with the political will to enforce said laws, we’ll be given a kiss  on the cheek, and a check for $13.00. The vendor will get a slap on the wrist and chalk it up to the cost of doing business (depending on how much money he spent on “K” street lobbyists in D.C.)

Not to mention the legal firms that wind up with 85% of the proceeds of a class action.

Aaaargh.

This is the situation in the US. Alex. I think you’re in Europe; is it any different there?

Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
--
"Windows Update? Bah! I could carve a better ecosystem out of a banana!" -Jamrach Holobom

Reply | Quote

Uh… guys? Why no one, not here, nor in “BleepingComputer”, has explained what this Godaddy’s business is? I never heard of it, or its 1.2 million users.

Yes, it sounds truly wicked. Should I care?

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

OscarCP wrote:

Uh… guys? Why no one, not here, nor in “BleepingComputer”, has explained what this Godaddy’s business is? I never heard of it, or its 1.2 million users.

Yes, it sounds truly wicked. Should I care?

It’s an American publicly traded Internet domain registrar, details here: GoDaddy

1 user thanked author for this post.

OscarCP

Reply | Quote

I am always on alert if I see a site is hosted by godaddy, I call it NoGoDaddy.
Not a stellar rep to say the least.

🍻

Just because you don't know where you are going doesn't mean any road will get you there.

1 user thanked author for this post.

SueW

Reply | Quote

Wow! Lots and lots of acquisitions, lots and lost of growth!

Maybe I should seriously consider buying some of their  shares?

From the Wikipedia article linked by NaNoNyMouse

” Company growth
In 2001, soon after Network Solutions was no longer the only place to register a domain, GoDaddy was approximately the same size as competitors Dotster and eNom

In April 2005, GoDaddy became the largest ICANN-accredited registrar on the Internet.

As of 2018, GoDaddy is the world’s largest web host by market share in March 2018, Amazon Web Services (AWS) announced that GoDaddy is migrating the vast majority of its infrastructure to AWS as part of a multi-year transition.

Acquisitions

• In July 2012, GoDaddy announced that it would acquire Outright for an undisclosed amount.
• In August 2013, GoDaddy announced that it would acquire Locu for $70 million.
• In September 2013, GoDaddy acquired domain marketplace Afternic from NameMedia. GoDaddy also acquired domain parking service SmartName and business name generator NameFind.
• On October 15, 2013, GoDaddy acquired web hosting service provider Media Temple. In a newsletter sent to its customers, Media Temple said that they “will continue operating as an independent and autonomous company.”
• In July 2014, GoDaddy acquired Canary, a small Cambridge-based smart calendar service.
• On August 20, 2014, GoDaddy acquired Mad Mimi, a Brooklyn-based email marketing service.
• In April 2015, GoDaddy acquired Elto, “a San Francisco-based startup which had been offering a marketplace that helped connect business owners and other non-technical people to web developers who could help them establish and improve their web presence.
• In April 2015 and November 2015, GoDaddy acquired the domain portfolios of Marchex and Worldwide Media, respectively.
• On May 17, 2016, GoDaddy acquired FreedomVoice for $42 million in cash. FreedomVoice is a provider of cloud-based VoIP phone systems throughout the United States.
• On September 6, 2016, GoDaddy acquired ManageWP.
• On December 6, 2016, GoDaddy announced its acquisition of \Host Europe Group.
• On March 22, 2017, GoDaddy acquired Sucuri.
• On January 23, 2018, GoDaddy acquired Main Street Hub.
• On September 24, 2018, GoDaddy acquired Plasso.
• On September 25, 2018, GoDaddy acquired Cognate.
• On April 10, 2019, GoDaddy acquired Sellbrite.
• On December 6, 2019, GoDaddy announced their integration with WooCommerce
• On January 29, 2020, GoDaddy announced an agreement to acquire Over.
• On February 11, 2020, GoDaddy announced an agreement to acquire parts of Uniregistry, a Cayman Islands-based domain registrar.
• On April 6, 2020, GoDaddy acquired Neustar’s domain name registry service business and renamed it GoDaddy Registry.
• On December 15, 2020, GoDaddy acquired Poynt, “an omnicommerce payment solution”.

With this acquisition, GoDaddy has become the registry (wholesaler) of .co, .us, .biz and .nyc and managing the technical operations of the new extensions such as .club and .loan. GoDaddy will change the registry business’ name to GoDaddy Registry.“

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

1 user thanked author for this post.

Steve

Reply | Quote