The GoDaddy hack has shook the whole tech world, of late. In fact, the impact is so powerful that the incident has larger ramifications that go even beyond the peripheries of the global tech industry.
In a shocking revelation, GoDaddy Inc. the American publicly traded Internet domain registrar and web hosting company headquartered in Tempe, Arizona, reported that it has encountered a massive data breach that continued for as many as three years. It further added that the company fears almost 1.2M customer accounts and websites have been stolen or breached. To add to the woes, reports of source codes being stolen have also surfaced.
For the uninitiated, GoDaddy happens to be one of the world’s largest web hosting companies with more than 21 million customers and over 6,600 employees worldwide. That’s why such an incident has serious repercussions in the world, because of so much at stake.
In a nutshell, the recently-exposed GoDaddy cyber attack has forced almost everyone in the tech world to move to the edge of their seats. And it goes without saying that this shell-shocking incident calls for an extra cushion of caution.
Let’s delve deeper with the story to find out more details and get hold of every single important aspect related to the GoDaddy hack.
GoDaddy Hack: Absolute Shocker and Eye-Opener
In a Securities and Exchange Commission filing, the company stated that there have been three security breaches over the course of three years, between 2020 and 2022. It clearly mentioned that the attackers are suspected to have installed malware that redirected customer websites to several malicious sites.
While the investigations into the breaches are underway, GoDaddy said that it so far believes the incidents “are part of a multi-year campaign by a sophisticated threat actor group.” It went on to share that the group “installed malware on our systems and obtained pieces of code related to some services within GoDaddy…among other things.”
Among the series of attacks, the most recent one has been reported to have happened in December 2022, when the threat actors are believed to have gained access to the hosting servers used by GoDaddy customers to manage their websites, and installed malware on them. According to GoDaddy, that very malware “intermittently redirected random customer websites to malicious sites.”
When contacted, the officials from GoDaddy made it clear that the threat actors’ modus operandi is to “infect websites and servers with malware for phishing campaigns, malware distribution, and other malicious activities.”
It’s believed that the same group managed to breach inside the company’s networks back in March 2020, and had stolen the login credentials of 28,000 customers along with some of GoDaddy’s own staff.
This was followed by another GoDaddy hack in November 2021, when the hackers used a stolen password to make 1.2 million customers’ WordPress instances vulnerable, gaining access to email addresses, usernames, passwords, and, in some cases, their websites’ SSL private keys.
What Lies Next?
The world’s leading web hosting company openly sought an apology from its customers in a statement, “We apologize for any inconvenience this may have caused to any of our customers or visitors to their websites,”.
It also declared that it’s leaving no stone unturned in its bid to strengthen the security and protect its customers’ interests, “We are using lessons from this incident to enhance the security of our systems and further protect our customers and their data.”
However, the GoDaddy hack once again points out nakedly that we are not well-prepared to deal with the new wave of cyberattacks. Just to remind you, barely a few months back, the $28M Deribit hack shattered the global crypto market and called for mass awareness regarding crypto insurance.
This is high time, we should become cautious and do the needful to calm down the panic in the air, which doesn’t help the global economy that’s already volatile.