letter, GoDaddy believes that originally, the data breach took place on September 6th, 2021. However, it was only discovered on November 17th.
Using a compromised password, an unauthorized third party accessed the provisioning system in our legacy code base for Managed WordPress. Upon identifying this incident, we immediately blocked the unauthorized third party from our system, GoDaddy said.
Demetrius Comes, Chief Information Security Officer at GoDaddy said that the company has reset passwords for WordPress Admin, sFTP, and database. Yet, customers should watch out for phishing scams as hackers may attempt to take advantage of the situation for further attacks.
Comes also apologized to the affected customers and said that investigation is ongoing with the help of an IT forensics firm and contacted law enforcement.
GoDaddy and previous data breaches
This is not the first time when GoDaddy has suffered a data breach or put the personal data of its customers at risk. In 2018, a misconfigured Amazon S3 bucket owned by the company exposed sensitive data on 31,000 GoDaddy servers.
In April 2020, a hacker defaced the Escrow.com domain by hacking into the account of one of GoDaddy’s employees. The employee fell for a phishing scam after which stolen login credentials were used to conduct DNS spoofing against the Escrow domain.
In May 2020, GoDaddy announced another data breach in which an unknown number of web hosting account credentials were affected when hackers managed to access their SSH accounts. For your information, SSH also known as Secure Shell is a cryptographic network protocol for operating network services securely over an unsecured network.
In November 2020, GoDaddy admitted that hackers tricked its employees into obtaining access to their customer accounts and exploited them in attacks against two cryptocurrency firms, namely NiceHash and Liquid.
In their statements, both services stated that the attackers breached their internal systems after obtaining control of their accounts through tricking GoDaddy employees.
While discussing the latest cyber attack on GoDaddy, Geoff Bibby, CMO of Zix | AppRiver said that “Unfortunately, the data breach that has impacted GoDaddy is becoming a common occurrence for many companies.”
“Organizations that handle massive amounts of customer data are increasingly being targeted by cybercriminals hoping to access the incredibly sensitive and valuable information they possess,” said Geoff.
“To prevent a data breach like this, organizations need to implement two-factor authentication (2FA), which provides an extra layer of security by making users confirm their identity and leverage end-to-end email encryption for any messages containing confidential or personally identifiable information, Geoff suggested.”
Geoff advised that GoDaddy should also encourage customers to implement 2FA themselves and never reuse the same password on different services because if the service is compromised, attackers will try that same password for others.
Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.