GoDaddy data breach

What you need to know about the GoDaddy data breach

December 6, 2021

Share this post

Last month GoDaddy logged its fifth cyber-incident since 2018 as the widely popular domain registrar suffered another customer account data breach. An unauthorised third party gained access to the data through malicious means putting 1.2 million active and inactive customers’ data at risk.

GoDaddy’s WordPress hosting environment was attacked by a third party, resulting in stolen email addresses, SSH keys, and database logins. For a subset of customers, their SSL private keys were exposed, with many active customers having had their WordPress Admin passwords and sFTP database username privacy compromised.

GoDaddy’s management system allows companies and individuals to use the WordPress content management system (CMS) through GoDaddy without having to manage or update it themselves.

The disclosure came as GoDaddy had launched an investigation in partnership with the authorities and an IT forensic team. They had, despite disclosure in November, found evidence of suspicious activity dating back to early September. Demetrius Comes, GoDaddy’s Chief Information Security Officer, related the details of the hack to the US Securities and Exchange Commission, revealing that a compromised password used by a third party was the source of the breach.

GoDaddy’s Demetrius Comes has since extended his apologies to the customers affected, and the domain registrar is in the process of issuing and installing new SSL certificates. Whilst all affected customer passwords have been reset, GoDaddy has since advised customers using the same password for external sites to change them for safety.

 

Has this happened before?

GoDaddy hosts over 82 million domains, and according to some sources, have become prone to these types of data breaches. In 2018, an Amazon Web Services bucket configuration led to the exposure of internal information belonging to GoDaddy. And in May 2020, GoDaddy informed its users that they had discovered altered SSH files, a protocol that connects communications between two computers, on the company’s servers.

Nick Tausek, a security solutions architect at Swimlane, argued that the dependency users had on the platform had made it an easy target:

“It operates 35,000 servers hosting more than five million websites, with millions of people relying on its services for the day-to-day operations of their businesses and hobbies. Because of the level of user dependency, repercussions can be severe when a situation like this presents itself.”

As the latest in a string of data breaches, it seems to illustrate the importance of using password managers and multi-factor authentication tools. A password manager can include an authenticator application that generates One Time Passcodes (OTPs) for logging in. The software can also track your data and alert you of any data breaches.

 

How can you protect yourself?

As your business develops, it’s common to overlook your website and data processed through it when it’s working. Protecting your customers’ data and growing your business is an essential part of maintaining an up-to-date, interactive website with the latest security.

Your website needs to be engaging to generate leads. Content should follow a clear methodology, and your booking experience should integrate seamlessly with your website; tracking abandoned carts, with speedy website load times are crucial for developing positive customer experiences and conversions.

Businesses slow to digitise or update their digital presence stand to lose sales and stagnate their brands.

 

Refresh your website

Coordinate Sport will work with you to refresh your digital brand for a more competitive offering to the market.

Contact the team now to learn more about our competitively priced website offering.

More impact less work

Coordinate everything in one application

Having problems signing up? Contact us, we’re here to help.

Thank you

For signing up

Check out our Resource Library.