GoDaddy Hack Exposes Over A Million Accounts

GoDaddy has suffered a massive security breach that has affected over a million users.

By Kristi Eckert | Published

This article is more than 2 years old

GoDaddy

Cybercrime is on the rise. In recent weeks a slew of companies have been subjected to massive security breaches. Seven million Robinhood, a popular stock app, users had their accounts put in jeopardy after the company succumbed to hacker activities. In an even more high-profile incident, nine companies, whose names have been kept secret, simultaneously suffered debilitating breaches. According to Engadget, GoDaddy can now be added to the ever-growing list of cybercrime victims after 1.2 million of its user accounts were compromised at the hands of a hacker. 

On November 22nd GoDaddy disclosed to the Securities and Exchange Commission that 1.2 million of its user accounts were subjected to security breaches. In the disclosure, they explained that they discovered this when they realized that an “unauthorized third-party” accessed their web hosting environment which they operate through WordPress. GoDaddy believes that the hack occurred sometime on September 6th. It is not clear if GoDaddy was subjected to any subsequent hacks by the same individual following that date, however, they did maintain that their internal investigation is still in progress. 

As of now, the data that was believed to be extracted from those accounts include email addresses, customer number IDs, admin passwords, sFTPs passwords, database locations, and SSL private keys. According to GoDaddy’s Chief Information Security Officer Demetrius Comes, the web hosting platform is currently employing a private IT Firm to execute the ongoing investigation. Since becoming aware of the breach GoDaddy has refreshed its security credentials and is in the process of issuing its affected users new SSL certificates. 

Even though GoDaddy has expressed that this latest security incident has taught them a lesson, this is far from the company’s first rodeo in terms of being hacked. In fact, at this point, they almost have a reputation for it. In 2018 a data leak that occurred on 31,000 of their Amazon Web Services (AWS) servers impacted over 18 million customers. In April of 2020, GoDaddy realized that a security breach, which occurred in October of 2019, compromised 28,000 customer accounts. It is scary to think that this particular security breach flew under the radar for approximately six months before GoDaddy even realized it. 

More recently still, in November of last year, GoDaddy became aware that its employees had been unwittingly tricked into relinquishing control over multiple cryptocurrency services’ web domains. In this case, the hackers were able to accomplish the takeovers by using a technique called “vishing.” Essentially, with “vishing” a hacker calls a person in an attempt to lead them to a phishing site so that they can capture a person’s credentials and use them elsewhere to gain access to things that would otherwise be inaccessible.  

Judging by the number of times in recent years that GoDaddy has fallen victim to hacker attacks that have resulted in security breaches serves to indicate that they would do well to reevaluate the strength of their security infrastructure. And even though authorities are beginning to get better at identifying breaches before they happen, cybercrime is still on the rise and it, unfortunately, does not look to be slowing down any time soon.