news GoDaddy data breach exposes information from over 1 million people

Visit nameliquidate.com
ebook DomainGraduate.com

accurate

Level 7
Joined
Sep 28, 2012
Messages
868
Reaction score
320
Feedback: 0 / 0 / 0
Customer information including email addresses, account numbers and passwords related to more than one million GoDaddy users was exposed in a data breach, the company said in a Monday regulatory filing.
The exposure of account passwords could put GoDaddy users at risk of having their accounts taken over by cybercriminals, while the compromise of the email addresses increases the odds that they'll eventually be used in phishing attacks.

Up to 1.2 million active and inactive managed WordPress customers had their email addresses and customer account numbers exposed, GoDaddy said. In addition, original WordPress administrative passwords that were created during the account setup process were exposed. If those credentials were still in use, the company said it has reset them.

 
Visit Epik

accurate

Level 7
Joined
Sep 28, 2012
Messages
868
Reaction score
320
Feedback: 0 / 0 / 0
WordFence posted about it as well.

 

Furquan

Level 4
Epik Staff
Joined
Dec 19, 2019
Messages
143
Reaction score
128
Feedback: 1 / 0 / 0
It's almost on every security blog. That's a lots of websites got affected
 

amplify

Level 9
DNForum.com Staff
Joined
Sep 15, 2009
Messages
3,358
Reaction score
1,101
Feedback: 67 / 0 / 0
I would have expected more of an impact on $GDDY following yesterday's decline this pre-market... but looking pretty flat so far.
 

Neoget

Level 4
Joined
Jul 5, 2021
Messages
195
Reaction score
90
Feedback: 0 / 0 / 0
This are happy and great news, finally justice to be served.
 

amplify

Level 9
DNForum.com Staff
Joined
Sep 15, 2009
Messages
3,358
Reaction score
1,101
Feedback: 67 / 0 / 0
This are happy and great news, finally justice to be served.
Justice is only served when the hackers are caught. They have caused untold millions of dollars in losses already.

That is not justice.
 

Neoget

Level 4
Joined
Jul 5, 2021
Messages
195
Reaction score
90
Feedback: 0 / 0 / 0
Justice is only served when the hackers are caught. They have caused untold millions of dollars in losses already.

That is not justice.
Godaddy deserved it in full, that is why I m happy.
P.s. there was a recent topic about removed domains from someones account, did you delete the topic? I was interested to read what happened.
 

amplify

Level 9
DNForum.com Staff
Joined
Sep 15, 2009
Messages
3,358
Reaction score
1,101
Feedback: 67 / 0 / 0
Godaddy deserved it in full, that is why I m happy.
There are real people that are affected behind the scenes, not counting the ones that had their content hosted and could be a target to even customers of theirs, so we'll just have to agree to disagree.
P.s. there was a recent topic about removed domains from someones account, did you delete the topic? I was interested to read what happened.
No. The poster looks like they marked it "controversial" so only logged-in members can see it (if you log out you cannot read it):
 

Neoget

Level 4
Joined
Jul 5, 2021
Messages
195
Reaction score
90
Feedback: 0 / 0 / 0
Today I got e-mail from Godaddy, because I used some years ago their hosting services.

Dear Fxxxx,

We are writing to inform you of a security incident impacting our GoDaddy Managed WordPress environment you once purchased and used. According to our records your Managed WordPress account is no longer active.

On November 17, we identified suspicious activity in our WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and have contacted law enforcement. Our investigation is ongoing, but we have determined that, on or about September 6, 2021, an unauthorized third party gained access to your customer number, email address associated with your previously used Managed WordPress account; and the password you first used when setting up your WordPress Admin login.

If you use that same password for other accounts, we recommend you change your password to those accounts and adopt data security best practices, such as choosing a strong unique password, regularly changing it, and enabling multi-factor authentication where available. We also recommend that you remain vigilant for potentially fraudulent communications sent to your email address purporting to be from GoDaddy or other third parties.

For residents living in California, Colorado, Delaware, Illinois, New York, New Jersey, Oregon, Vermont, Washington, and Wyoming, please visit https://www.godaddy.com/help/a-41004 for additional resources that describe additional steps you can take to help protect your information, including recommendations by the Federal Trade Commission regarding identity theft protection and details on how to place a fraud alert or a security freeze on your credit file.

Thank you,

Demxxxxxx Coxxx

Chief Information Security Officer
 

amplify

Level 9
DNForum.com Staff
Joined
Sep 15, 2009
Messages
3,358
Reaction score
1,101
Feedback: 67 / 0 / 0
It appears that GoDaddy was storing sFTP credentials either as plaintext, or in a format that could be reversed into plaintext. They did this rather than using a salted hash, or a public key, both of which are considered industry best practices for sFTP. This allowed an attacker direct access to password credentials without the need to crack them.
Source: https://www.wordfence.com/blog/2021/11/godaddy-breach-plaintext-passwords/

1637761191123.png

Tell me it's not about Epik or @robmonster without telling me it's not about Epik or Rob now. I hear crickets from the likes of Brad Mugford, Johnn, and company, who should be all over this one as well if all things were equal.

Or do they have a vested interest in GoDaddy where it would hurt much more if there was day-in-day-out negative press? I mean, GoDaddy is a publicly-traded company after all. Epik recovered, and so can GoDaddy. I would just like to see equality, at a minimum, is all.

1637761291457.png

Also, NamePros classifies GoDaddy's breach as regular domaining news while Epik's is a Warning and Alert.

One of these isn't like the other... or is it? 🤔
 

accurate

Level 7
Joined
Sep 28, 2012
Messages
868
Reaction score
320
Feedback: 0 / 0 / 0
Thanks for sharing.

Today I got e-mail from Godaddy, because I used some years ago their hosting services.

Dear Fxxxx,

We are writing to inform you of a security incident impacting our GoDaddy Managed WordPress environment you once purchased and used. According to our records your Managed WordPress account is no longer active.

On November 17, we identified suspicious activity in our WordPress hosting environment and immediately began an investigation with the help of an IT forensics firm and have contacted law enforcement. Our investigation is ongoing, but we have determined that, on or about September 6, 2021, an unauthorized third party gained access to your customer number, email address associated with your previously used Managed WordPress account; and the password you first used when setting up your WordPress Admin login.

If you use that same password for other accounts, we recommend you change your password to those accounts and adopt data security best practices, such as choosing a strong unique password, regularly changing it, and enabling multi-factor authentication where available. We also recommend that you remain vigilant for potentially fraudulent communications sent to your email address purporting to be from GoDaddy or other third parties.

For residents living in California, Colorado, Delaware, Illinois, New York, New Jersey, Oregon, Vermont, Washington, and Wyoming, please visit https://www.godaddy.com/help/a-41004 for additional resources that describe additional steps you can take to help protect your information, including recommendations by the Federal Trade Commission regarding identity theft protection and details on how to place a fraud alert or a security freeze on your credit file.

Thank you,

Demxxxxxx Coxxx

Chief Information Security Officer
 

Biggie

Level 13
DNForum.com Staff
Joined
Sep 4, 2002
Messages
14,537
Reaction score
1,885
Feedback: 164 / 0 / 0
Hi

really interesting to read the comments here
it tells so much

imo....
 

amplify

Level 9
DNForum.com Staff
Joined
Sep 15, 2009
Messages
3,358
Reaction score
1,101
Feedback: 67 / 0 / 0
Hi

really interesting to read the comments here
it tells so much

imo....
Do explain... I think I've made myself very clear that the hackers are the root of the issue in both cases without beating a dead horse.
 
Visit nameinvestors.com
Visit Epik domain registrar

Latest resources

Forum statistics

Threads
521,548
Messages
1,931,504
Members
532,011
Latest member
sbdigitonics
Top Bottom