GoDaddy says a multi-year breach hijacked customer websites and accounts (1 Viewing)

GoDaddy said on Friday that its network suffered a multi-year security compromise that allowed unknown attackers to steal company source code, customer and employee login credentials, and install malware that redirected customer websites to malicious sites.

GoDaddy is one of the world’s largest domain registrars, with nearly 21 million customers and revenue in 2022 of almost $4 billion. In a filing Thursday with the Securities and Exchange Commission, the company said that three serious security events starting in 2020 and lasting through 2022 were carried out by the same intruder.

“Based on our investigation, we believe these incidents are part of a multi-year campaign by a sophisticated threat actor group that, among other things, installed malware on our systems and obtained pieces of code related to some services within GoDaddy,” the company stated. The filing said the company’s investigation is ongoing.

Read more: GoDaddy says a multi-year breach hijacked customer websites and accounts

My hosting was with hostpapa and I have to say it was excellent, the service was exemplary even on the basic plan. They have full cPanel and everything you would expect from a host. I found a 3 year coupon and their hosting served me well.

That said the contract was coming for renewal in September and the new rates were much higher. I would have had to make a new account and transfer all the files to get another 3 year term at a good rate.

That made me think of WHC and since I recently moved in a batch of domains I thought I would give their hosting a try. I like being able to control domains and hosting from the same control panel. I managed to snap up a 1 year term and like with all hosting companies the price goes up after that. I will decide 3 months ahead if I will keep it or move on depending on reliability and price.

I feel more comfortable at WHC because like with godaddy above it is the big companies that are typically victims of attacks like this. The culprits get a treasure trove of passwords, personal information etc. It is highly unlikely that smaller companies get the same intrusions because the rewards are limited compared to their bigger rivals.

It's very unfortunate what happened at godaddy and I encourage everyone affected to change their passwords immediately, especially if the credentials were used on more than one website.

Google has a nice tool available where you can check your passwords to see if they have been compromised.

passwords.google.com/checkup/start

Just saw this as well from @DataCube

Considering how many people jumped on the Epik bandwagon when their breach was announced the godaddy breach is considerably worse, over multiple years, giving full access to clients cPanel, yet it is relatively quiet in the news.