news GoDaddy discloses recent security breach !

[lovely4ever]

https://www.yahoo.com/now/godaddy-wordpress-security-issue-1-2-million-users-150142622.html​

.

 

[labrocca]

There is still more information to become available. However, there are some key differences here between the breach of Epik and the breach of GoDaddy. Like response time, scope of the breach, fall-out, motivation and goals of the hacker(s), etc. I had a serious breach about 10 years ago, and the hacker(s) placed malicious code on the server to send out spam and collect email addresses. The hackers wanted to keep the hack incognito as this would allow them to exploit the server for as long as possible. This seems to be the case here. It is to GoDaddy's credit that they identified it so soon (it occurred on Nov 17) and responded fairly quickly.

Outcome is the same. Allowing a breach to be politicized so you can blame the company instead of the illegal act by the hackers is silly. Blaming the victim is ridiculous. Security is security and Epik got a lot of flack for their practices but I barely see anyone saying that Godaddy is responsible for this. Hackers target EVERYONE. If you have a weakness in your security they will find it. It shouldn't matter who the target is and practically doesn't matter what motivated the hackers either. Whether it's for money, politics, or the lulz. You get breached, you do your best, you move on. The Epik thread is like 100 pages. Godaddy hasn't even gotten a 2nd page thread. Just unreal.

 

[labrocca]

Just waiting for a similar explosion of rage from the same people who were furiously bashing Epik for exactly the same thing about a month ago.

Exactly. Is Godaddy doomed? Everyone who uses them (who is that btw?) gonna move their domains and hosting now? Is it going to be some political smearing of the CEO?

Companies get breached, that's the lesson here. You can hope that breaches are handled professionally and that they do their best to secure your account.

 

[VadimK]

There is still more information to become available. However, there are some key differences here between the breach of Epik and the breach of GoDaddy. Like response time, scope of the breach, fall-out, motivation and goals of the hacker(s), etc. I had a serious breach about 10 years ago, and the hacker(s) placed malicious code on the server to send out spam and collect email addresses. The hackers wanted to keep the hack incognito as this would allow them to exploit the server for as long as possible. This seems to be the case here. It is to GoDaddy's credit that they identified it so soon (it occurred on Nov 17) and responded fairly quickly.

Oh really? If there are ''more information to become available'' how can you even say that there are ''key differences''?

But did you even read the article, linked in the header? It's clearly said that the first breach happened on Sept 6, and GoDaddy only made it public on Nov 22. Oh yeah, indeed it's different from Epik, who admitted it like the next day, I totally agree...

The rest is just pure speculation - ''the motivation and goals of hackers'' - who gives a shit? What does it has to do with an outcome? Breach is breach, damage is done to both. Should a person holding a portfolio with GoDaddy be more relieved, knowing hackers weren't inspired by GoDaddy top management's political views? Big difference for a domainer, indeed... You shouldn't even change the passwords, when it's GoDaddy, right?
Obviously, it was done to GoDaddy for greater good, but to Epik because of ''...evil Rob Monster!!!...''.

 

[MadAboutDomains]

Just waiting for the trolls to slander them because of their politics even though they had the best intentions and categorically will not have wanted to allow this to happen, just like they did to another service that had a hack recently...

Not going to happen. Vile vile people that pretend to be nice as pie but are worse than that which they purport to oppose.

 

[VadimK]

Just waiting for a similar explosion of rage from the same people who were furiously bashing Epik for exactly the same thing about a month ago.

 

[WGS_Thunder]

https://www.wordfence.com/blog/2021/11/godaddy-breach-plaintext-passwords/

It appears that GoDaddy was storing sFTP credentials either as plaintext, or in a format that could be reversed into plaintext. They did this rather than using a salted hash, or a public key, both of which are considered industry best practices for sFTP. This allowed an attacker direct access to password credentials without the need to crack them.

ugh!

 

[DN Playbook]

@Joe Styler, @Dan Nicks, do you know if this breach affects only hosting customers or also domain registrants? Also, how was it possible that login credentials were stored either in plaintext or in a format that could be easily reversed into plaintext? I used to be a customer of Media Temple before GD acquired them and they seemed pretty technically and security savvy.

 

[Future Sensors]

https://videos.godaddy.com/detail/v...bsite-is-hacked-how-to-know-and-how-to-fix-it

 

[Future Sensors]

GoDaddy now owns the company that invented Managed WordPress

November 11, 2021

https://www.techradar.com/news/godaddy-now-owns-the-company-that-invented-managed-wordpress

https://aboutus.godaddy.net/newsroo...etails/2021/Pagely-joins-GoDaddy/default.aspx

 

[Future Sensors]

Why GoDaddy Data Breach Of +1 Million Clients Is Worse Than Described

GoDaddy Managed WordPress hosting customers suffered a data breach. Passwords have been reset but effects may still be persist.

Over one million GoDaddy hosting customers suffered a data breach in September 2021 that went unnoticed for two months. GoDaddy described the security event as a vulnerability. Security researchers indicate that the cause of the vulnerability was due to inadequate security that did not meet industry best practices.

Read more:

https://www.searchenginejournal.com/why-godaddy-data-breach-of-1-million-clients-is-worse-than-described/428032/

 

[Future Sensors]

https://news.ycombinator.com/item?id=29306554

 

[Tomasso90]

Well if that's true we are all fcked.. proper fcked.
Sorry for cursing, was just quoting my fav movie Snatch

 

[DN Playbook]

OMG, not another one. I didn't receive any notification from GD even though I am a customer for many years. Only of domains not of hosting. Just got a notification from Wordfence.

https://twitter.com/x/status/1463279123875438598

 

[Future Sensors]

 

[aelko]

On October 23rd, I received an email from GoDaddy. They wrote that someone entered my account from a new location or device.

I have a unique password on GoDaddy because I used to have domains there.

It really excited me then. Because I thought someone was gaining access to my encrypted password database.

 

[Future Sensors]

GoDaddy Breach Widens to Include Reseller Subsidiaries

Customers of several brands that resell GoDaddy Managed WordPress have also been caught up in the big breach, in which millions of emails, passwords and more were stolen.

The GoDaddy breach affecting 1.2 million customers has widened – it turns out that various subsidiaries that resell GoDaddy Managed WordPress were also affected.

The additional affected companies are 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple and tsoHost.

Read more:

https://threatpost.com/godaddy-breach-widens-reseller-subsidiaries/176575/

 

[Future Sensors]

The Sec.gov notice on Nov 22, 2021:

GoDaddy Announces Security Incident Affecting Managed WordPress Service

https://www.sec.gov/Archives/edgar/data/1609711/000160971121000122/gddyblogpostnov222021.htm

 

[Future Sensors]

https://techcrunch.com/2021/11/22/godaddy-breach-million-accounts/

 

[Future Sensors]

Announcement of the security incident on the GoDaddy Corporate website, targeted at NYSE:GDDY investors, not their customers.

https://aboutus.godaddy.net/newsroo...ecting-Managed-WordPress-Service/default.aspx

 

[Future Sensors]

https://twitter.com/x/status/1462998108015529988

 

[Future Sensors]

Any ideas what we should do? Should we change passwords?

Tagging @Paul Nicks here as well. He knows what GoDaddy is advising, and where to find more guidance for affected customers.

 

[silentg]

It doesn't hurt to change your password and turn on 2 factor authentication on (if you haven't turned it on).

 

[lock]

I was sent an email as why i know about it but i just deleted it as i have as many hacks as hot dinners. I spend most of my time now fixing things and trying to get rid of hackers i deleted most of my sites as overwhelmed with work. Getting to a point a one man show isn't worth the effort. My emails etc are in the thousands for data leaks most people wouldn't notice or look.

 

[Future Sensors]

Sample of Notice:

GoDaddy Template Customer Email.pdf
Organization Name:
GoDaddy.com, LLC
Date(s) of Breach (if known):
Monday, September 6, 2021
Tuesday, September 7, 2021
Wednesday, September 8, 2021
Thursday, September 9, 2021
Friday, September 10, 2021
Saturday, September 11, 2021
Sunday, November 7, 2021

Source:
https://oag.ca.gov/ecrime/databreach/reports/sb24-547856