Security News

GoDaddy data breach shows why businesses need to better secure their customer data
2020-05-05 20:39

Web hosting provider and domain registrar GoDaddy was hit by a data breach that compromised the account credentials of around 28,000 customers. "On April 23, 2020, we identified SSH usernames and passwords had been compromised by an unauthorized individual in our hosting environment. This affected approximately 28,000 customers. We immediately reset these usernames and passwords, removed an authorized SSH file from our platform, and have no indication the individual used our customers' credentials or modified any customer hosting accounts. The individual did not have access to customers' main GoDaddy accounts."

GoDaddy hack: Miscreant goes AWOL with 28,000 users' SSH login creds after vandalizing server-side file
2020-05-05 16:15

Hosting biz GoDaddy has admitted a hacker tampered with an SSH file on its servers, leading to the theft of 28,000 users' SSH credentials. The intrusion, which took place last month, involved one or more malicious persons "Alter" an SSH file on GoDaddy's infrastructure, the US giant told The Register.

GoDaddy Hack Breaches Hosting Account Credentials
2020-05-05 15:55

UPDATE. GoDaddy, the world's largest domain name registrar, is warning customers that attackers may have obtained their web hosting account credentials. The company said that the breach only affected hosting accounts, not general GoDaddy.com customer accounts, and that no customer data in the main accounts was accessed.

GoDaddy – “unauthorized individual” had access to login info
2020-05-05 15:53

We need to inform you of a security incident impacting your GoDaddy web hosting account credentials. The investigation found that an unauthorized individual had access to your login information used to connect to SSH on your hosting account.

GoDaddy Notifies Customers of Data Breach
2020-05-05 09:28

GoDaddy has been notifying customers of a data breach that may have resulted in their web hosting account credentials getting compromised. "We need to inform you of a security incident impacting your GoDaddy web hosting account credentials," the accompanying customer notification letter reads.

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others
2020-04-01 03:30

The incident gave the phisher the ability to view and modify key customer records, access that was used to change domain settings for a half-dozen GoDaddy customers, including transaction brokering site escrow.com. In a statement shared with KrebsOnSecurity, GoDaddy acknowledged that on March 30 the company was alerted to a security incident involving a customer's domain name.

GoDaddy Shutters 14,000 Subdomains Tied to ‘Snake Oil’ Scams
2019-04-26 17:47

GoDaddy worked with researchers to shut down 15,000 domain-shadowing websites tied to bogus affiliate marketing offers promoted via spam campaigns.

Widespread scam campaigns targeting millions uncovered by GoDaddy and Palo Alto Networks
2019-04-26 17:00

A research team found that thousands of websites were tricking users into entering credit card information by spoofing trustworthy sites.

Crooks Continue to Exploit GoDaddy Hole
2019-02-04 19:12

Godaddy.com, the world's largest domain name registrar, recently addressed an authentication weakness that cybercriminals were using to blast out spam through legitimate, dormant domains. But...

Bomb threat spam may stem from GoDaddy DNS weakness
2019-01-24 13:15

A bomb threat spam campaign that hit North America last month may have been engineered using a flaw in GoDaddy’s domain management process, it was revealed this week.