Go Daddy Thwarts Cyber Criminal, 1,000 Accounts Locked

[Gerry]

Go Daddy Thwarts Cyber Criminal, 1,000 Accounts Locked

http://domainnamewire.com/2009/01/19...counts-locked/

Go Daddy’s security team stops perpetrator; about 1,000 accounts affected.

GoDaddy .com, the world’s largest domain name registrar, has thwarted an attack by a person who gained access to customer information.

The company discovered that someone gained access to certain customer information through a vulnerability in its systems. The information accessed included names, physical addresses, and customer IDs. Passwords and other sensitive information was not compromised. Affected accounts have been temporarily locked.

“As a precaution, we’ve locked all of those customers’ accounts,” said GoDaddy CIO Neil Warner in an interview with Domain Name Wire Sunday evening. “We started contacting the customers by phone, and are sending an e-mail if we haven’t reached them by phone.” Warner said that all affected customers have been notified, and that only 1/10th of 1 percent of GoDaddy accounts were vulnerable.

Warner said the company is not sure about the intent of the perpetrator.

GoDaddy employees about 30 people dedicated to security, and these teams work 24 hours a day. It’s been a busy week for the team, which dealt with a denial of service attack on its web Hosting operations Wednesday morning.

Warner said it appears the attack came from inside the United States. “We have gathered our logs and have sent it to our legal department, which will be forwarding it on to proper authorities to see if we can take action against that person,” said Warner.

[draggar]

This would explain why many people weren't able to log into their accounts over the past few days.

[Yusio]

Interesting article.. I had no idea they had that many people working in security.

[ohkus]

Did anyone notice it was their issue that started this whole thing?

[PRED]

hope they catch the scum

[Focus]

Holy guacamole..not good.

[HuntingMoon]

it's probably an inside job

[Acquisition]

it's probably an inside job

My first thoughts exactly.

[BidNo]

Hope they string the pep up by his thumbs.

[CureCancer]

must be a publicity stunt! lol - save the day and make more money GoDaddy is a Super Power

[GUA]

Only GoDaddy could have such a security hole. However they somehow manage to turn their own failure into a positive...

[austinandrew]

Only GoDaddy could have such a security hole.

Doubtful...I bet many other registrars have serious holes. As the biggest, GoDaddy gets more attempts to crack in.

[ecomindia]

true. when u lead, u also get these attempts.

few users on dnf were too asking their concern and hope they get their answer.

only thig is , is really any account was compromised and domain taken off anyone's account?
hope no one suffer and GoDaddy further strgnthn the panel and backend.

[austinandrew]

true. when u lead, u also get these attempts.

few users on dnf were too asking their concern and hope they get their answer.

only thig is , is really any account was compromised and domain taken off anyone's account?
hope no one suffer and GoDaddy further strgnthn the panel and backend.

Warner wouldn't tell me much about what type of vulnerability the perpetrator cracked. (I don't blame him.) I was surprised that the perpetrator was based in the U.S...so this will be interesting to watch.

[Gerry]

Doubtful...I bet many other registrars have serious holes. As the biggest, GoDaddy gets more attempts to crack in.

Indeed.

Guess it is pretty neat when you see your news gain attention on another format, eh?

As for being an inside job as suggested, that is pure speculation and unfounded.

DDoS happens daily all across the globe.

To think that GoDaddy is the only registrar prone to this is foolish. That is like the earlier attacks on parking companies. Several talked about how "their" parking company didn't have that problem.

Then it seemed to go around from one to the other.

The hacker might even be a member here.

We'll see who's next.

[Banned: dn-101]

Probably Bob Parson's boyfriend. They've been arguing lately.

[Poker]

Warner said it appears the attack came from inside the United States.

The call is coming from inside the house, it's your father and he's been drinking

[mclovin]

Warner said that all affected customers have been notified, and that only 1/10th of 1 percent of GoDaddy accounts were vulnerable.

0.001 doesnt' sound very small to me. So how many accounts are we talking about here, how many accounts does GoDaddy have? I'm assuming that Warner was being careful in speaking about the number of accounts, and not the number of domains.

[ecomindia]

true. being into financial industry, a dot (decimal) can make a difference ; a 0 placed wrongly can turn things around .. and when it comes to MY DOMAINS, i better keep watch on this thread, other thread, and else where all that is possible.

Hope inside US is not deep inside ... i mean not inside GoDaddy.

that will be a tough call..

not making specualtion, just guessing..

pls do update if some1 comes around with any new info on this