GoDaddy discloses security breach. Stay informed about the latest developments in this cybersecurity incident. GoDaddy is a domain name registrar and web hosting provider with more than 20 million customers worldwide. The company recently admitted to a massive data breach that impacted its Managed WordPress hosting environment.
The breach reportedly exposed authentication information including WordPress admin login, sFTP, and database usernames and passwords. It also exposed SSL private keys for a subset of customers.
What You Need to Know About the GoDaddy Years Long Breach
GoDaddy is the world’s largest domain registrar and web hosting service. In a filing with the Securities and Exchange Commission, GoDaddy announced a data breach that affected 1.2 million customers. The company reported that an unauthorized third party gained access to its Managed WordPress environment on September 6 using a compromised password and continued to gain access until November 17. The hackers were able to steal email addresses, database logins, SSH keys and more.
The breach also exposed SSL certificates, the digital identities that bind websites to their respective domains and ensure security. The theft of these certificates allows attackers to intercept and impersonate a site, which can lead to phishing attacks, malware infections and rogue SSL sites. The breach should serve as a reminder to organizations of the importance of managing digital certificates and implementing an automated Certificate Lifecycle Management (CLM) solution that can revoke and reissue thousands of certificates in minutes, rather than the hours it takes to do so manually.
Despite the fact that GoDaddy’s breach has caused considerable damage, the company can still recover from this event by building trust with its customers. As users today are increasingly becoming more cyber-aware and making more secure choices, companies like GoDaddy that offer products and services relating to online security need to demonstrate that they have their clients’ best interests in mind.
One of the ways GoDaddy can do this is by ensuring that all of their employees are properly trained on cyber-security. This will help them spot the warning signs of a possible attack and take the appropriate actions to protect their clients’ information and systems.
In addition, if a customer notices a change to their website, it’s important that they check the security of their site. If they see that their SSL certificate has been revoked or reissued, they need to make sure they are using the new certificate. They also need to check their email addresses for phishing emails that may have been sent to them by attackers. Look for misspellings and unusual capitalizations in the emails, as these are indicators of a potential phishing attack.
Lastly, GoDaddy argues that it cannot be liable for unjust enrichment because its Reseller Agreement and Third Addendum required the company to “endeavor to promote” SiteLock’s services. The expert report in this case, however, reveals that GoDaddy’s assertions do not stand up to scrutiny. The Court therefore finds that GoDaddy does not establish its affirmative defense of MFN set-off/recoupment, estoppel and unjust enrichment, and thus grants the motion for partial summary judgment.
What You Need to Do
If you’re a GoDaddy customer, there are several things you need to consider. For one, you may want to change your SFTP passwords to something very difficult to guess or crack. If you have SSL certificates, make sure they’re updated, as well. However, that’s a process that will take time. You can also consider incorporating short-lived SSL certificates to mitigate current vulnerabilities in the long term, suggests Murali Palanisamy, chief solutions officer for AppViewX.
