Security News > 2021 > November > GoDaddy’s Latest Breach Affects 1.2M Customers

Web-hosting giant GoDaddy has confirmed another data breach, this time affecting at least 1.2 million of its customers.

On Monday, the world's largest domain registrar said in a public filing to the SEC that an "Unauthorized third party" managed to infiltrate its systems on Sept. 6 - and that the person(s) had continued access for almost two and a half months before GoDaddy noticed the breach on Nov. 17.

GoDaddy is in the process of issuing and installing new certificates for affected customers.

"To mitigate current vulnerabilities, customers of GoDaddy need to check that the certificates are updated and change the passwords for sFTP access to new and unique numbers, letters and symbols," he said.

"Customers of GoDaddy should monitor for unusual activity and report any red flags to the government/FTC as soon as possible."

Last November, a social-engineering "Vishing" attack on GoDaddy employees temporarily handed over control of cryptocurrency service sites NiceHash and Liquid to fraudsters, exposing personal information of users.

News URL

https://threatpost.com/godaddys-latest-breach-customers/176530/