news GoDaddy discloses recent security breach !

love4ever · Nov 22, 2021

https://www.yahoo.com/now/godaddy-wordpress-security-issue-1-2-million-users-150142622.html

.

Future Sensors · Nov 22, 2021

https://news.ycombinator.com/item?id=29306554

Future Sensors · Nov 22, 2021

The Sec.gov notice on Nov 22, 2021:

GoDaddy Announces Security Incident Affecting Managed WordPress Service

https://www.sec.gov/Archives/edgar/data/1609711/000160971121000122/gddyblogpostnov222021.htm

Future Sensors · Nov 22, 2021

https://techcrunch.com/2021/11/22/godaddy-breach-million-accounts/

Tomasso90 · Nov 22, 2021

Well if that's true we are all fcked.. proper fcked.
Sorry for cursing, was just quoting my fav movie Snatch

Future Sensors · Nov 23, 2021

Announcement of the security incident on the GoDaddy Corporate website, targeted at NYSE:GDDY investors, not their customers.

https://aboutus.godaddy.net/newsroo...ecting-Managed-WordPress-Service/default.aspx

Future Sensors · Nov 23, 2021

Nothing in the Newsroom section of the regular GoDaddy website, yet (this section is linked to in the footer of www.GoDaddy.com)

https://newsroom.godaddy.net/newsroom/overview/default.aspx

Future Sensors · Nov 23, 2021

Any GoDaddy Managed WordPress customers here who have received any form of email communication about this incident? If so, what was in it?

Future Sensors · Nov 23, 2021

https://twitter.com/x/status/1462998108015529988

love4ever · Nov 23, 2021

https://www.itworldcanada.com/artic...ddys-managed-worldpress-service-hacked/466268

.

Robert27 · Nov 23, 2021

Any ideas what we should do? Should we change passwords?

Future Sensors · Nov 23, 2021

Rumandcoke said:
Any ideas what we should do? Should we change passwords?

Tagging @Paul Nicks here as well. He knows what GoDaddy is advising, and where to find more guidance for affected customers.

VadimK · Nov 23, 2021

Just waiting for a similar explosion of rage from the same people who were furiously bashing Epik for exactly the same thing about a month ago.

silentg · Nov 23, 2021

It doesn't hurt to change your password and turn on 2 factor authentication on (if you haven't turned it on).

WGS_Thunder · Nov 23, 2021

https://www.wordfence.com/blog/2021/11/godaddy-breach-plaintext-passwords/

It appears that GoDaddy was storing sFTP credentials either as plaintext, or in a format that could be reversed into plaintext. They did this rather than using a salted hash, or a public key, both of which are considered industry best practices for sFTP. This allowed an attacker direct access to password credentials without the need to crack them.

ugh!

DN Playbook · Nov 23, 2021

OMG, not another one. I didn't receive any notification from GD even though I am a customer for many years. Only of domains not of hosting. Just got a notification from Wordfence.

https://twitter.com/x/status/1463279123875438598

DN Playbook · Nov 23, 2021

@Joe Styler, @Dan Nicks, do you know if this breach affects only hosting customers or also domain registrants? Also, how was it possible that login credentials were stored either in plaintext or in a format that could be easily reversed into plaintext? I used to be a customer of Media Temple before GD acquired them and they seemed pretty technically and security savvy.

labrocca · Nov 24, 2021

VadimK said:
Just waiting for a similar explosion of rage from the same people who were furiously bashing Epik for exactly the same thing about a month ago.

Exactly. Is Godaddy doomed? Everyone who uses them (who is that btw?) gonna move their domains and hosting now? Is it going to be some political smearing of the CEO?

Companies get breached, that's the lesson here. You can hope that breaches are handled professionally and that they do their best to secure your account.

lock · Nov 24, 2021

I was sent an email as why i know about it but i just deleted it as i have as many hacks as hot dinners. I spend most of my time now fixing things and trying to get rid of hackers i deleted most of my sites as overwhelmed with work. Getting to a point a one man show isn't worth the effort. My emails etc are in the thousands for data leaks most people wouldn't notice or look.

Future Sensors · Nov 24, 2021

Sample of Notice:

GoDaddy Template Customer Email.pdf
Organization Name:
GoDaddy.com, LLC
Date(s) of Breach (if known):
Monday, September 6, 2021
Tuesday, September 7, 2021
Wednesday, September 8, 2021
Thursday, September 9, 2021
Friday, September 10, 2021
Saturday, September 11, 2021
Sunday, November 7, 2021

Source:
https://oag.ca.gov/ecrime/databreach/reports/sb24-547856

motosportsliveviewingcommunity.com

readienz.com

deliveringhappiness.es

hazul.pt

ekqr.live

uvinum.es

laluge.fr

ikwal.id

puertomassage.lat

rbsports77.cyou

news GoDaddy discloses recent security breach !

Top Member

78% of human domainers will be replaced by robotsTop Member

78% of human domainers will be replaced by robotsTop Member

78% of human domainers will be replaced by robotsTop Member

Established Member

78% of human domainers will be replaced by robotsTop Member

78% of human domainers will be replaced by robotsTop Member

78% of human domainers will be replaced by robotsTop Member

78% of human domainers will be replaced by robotsTop Member

Top Member

Established Member

78% of human domainers will be replaced by robotsTop Member

Top Member

DomainRetail.comTop Member

certified domainiacTop Member

Established Member

Established Member

Top Member

FREE.MARKETINGTop Member

78% of human domainers will be replaced by robotsTop Member

myvip.xyz

wabzy.com

a1wrecker.com

EmploymentSecrets.com

Domains.Boutique

TeamBounty.com

kwmb.com

LystAi.com

Uuuio.com

Stockade.net

Similar threads

We're social

myvip.xyz

wabzy.com

a1wrecker.com

EmploymentSecrets.com

Domains.Boutique

TeamBounty.com

kwmb.com

LystAi.com

Uuuio.com

Stockade.net

Pinned

Appreciation

Agreement

Answers

Relevance

Reaction

Status

Feeling