Namers

news GoDaddy discloses recent security breach !

Namecheap

lovely4ever

Established Member
Impact
1,099


1637594708891.png


1637594753330.png




.
 

Future Sensors

78% of human domainers will be replaced by robots
Impact
9,217
the 1 year chart is ugly IMO
It may be a buying opportunity. As a long-time platinum customer migrating away from GoDaddy with all my business, I have mixed feelings, because I'm also investing in the company. But my risk is spread over many different investments (including domains).
 
Impact
466
There is still more information to become available. However, there are some key differences here between the breach of Epik and the breach of GoDaddy. Like response time, scope of the breach, fall-out, motivation and goals of the hacker(s), etc. I had a serious breach about 10 years ago, and the hacker(s) placed malicious code on the server to send out spam and collect email addresses. The hackers wanted to keep the hack incognito as this would allow them to exploit the server for as long as possible. This seems to be the case here. It is to GoDaddy's credit that they identified it so soon (it occurred on Nov 17) and responded fairly quickly.
Outcome is the same. Allowing a breach to be politicized so you can blame the company instead of the illegal act by the hackers is silly. Blaming the victim is ridiculous. Security is security and Epik got a lot of flack for their practices but I barely see anyone saying that Godaddy is responsible for this. Hackers target EVERYONE. If you have a weakness in your security they will find it. It shouldn't matter who the target is and practically doesn't matter what motivated the hackers either. Whether it's for money, politics, or the lulz. You get breached, you do your best, you move on. The Epik thread is like 100 pages. Godaddy hasn't even gotten a 2nd page thread. Just unreal.
 
Just waiting for the 🤡🌍 trolls to slander them because of their politics even though they had the best intentions and categorically will not have wanted to allow this to happen, just like they did to another service that had a hack recently...

Not going to happen. Vile vile people that pretend to be nice as pie but are worse than that which they purport to oppose.
 

DN Playbook

Established Member
Impact
1,081
Oh really? If there are ''more information to become available'' how can you even say that there are ''key differences''?

But did you even read the article, linked in the header? It's clearly said that the first breach happened on Sept 6, and GoDaddy only made it public on Nov 22. Oh yeah, indeed it's different from Epik, who admitted it like the next day, I totally agree...

The rest is just pure speculation - ''the motivation and goals of hackers'' - who gives a shit? What does it has to do with an outcome? Breach is breach, damage is done to both. Should a person holding a portfolio with GoDaddy be more relieved, knowing hackers weren't inspired by GoDaddy top management's political views? Big difference for a domainer, indeed... You shouldn't even change the passwords, when it's GoDaddy, right?
Obviously, it was done to GoDaddy for greater good, but to Epik because of ''...evil Rob Monster!!!...''.
You're right. A breach is a breach and causes harm of varied degrees to the customer. The key questions that should be asked is when was the provider aware of the breach, what was the scope, what was or is the response, was the provider aware of security holes and when and what did they do about it at the time.

And I should have written the breach was identified on Nov 17. It did indeed occur on Sept 6 as per reports so far presented. The investigation is ongoing.
 
Last edited:

Future Sensors

78% of human domainers will be replaced by robots
Impact
9,217
Why GoDaddy Data Breach Of +1 Million Clients Is Worse Than Described

GoDaddy Managed WordPress hosting customers suffered a data breach. Passwords have been reset but effects may still be persist.

Over one million GoDaddy hosting customers suffered a data breach in September 2021 that went unnoticed for two months. GoDaddy described the security event as a vulnerability. Security researchers indicate that the cause of the vulnerability was due to inadequate security that did not meet industry best practices.


Read more:

https://www.searchenginejournal.com/why-godaddy-data-breach-of-1-million-clients-is-worse-than-described/428032/
 
Last edited:

aelko

.COM promos at tldes.com
Impact
4,106
On October 23rd, I received an email from GoDaddy. They wrote that someone entered my account from a new location or device.

I have a unique password on GoDaddy because I used to have domains there.

It really excited me then. Because I thought someone was gaining access to my encrypted password database.
 
Last edited:

Future Sensors

78% of human domainers will be replaced by robots
Impact
9,217
GoDaddy Breach Widens to Include Reseller Subsidiaries

Customers of several brands that resell GoDaddy Managed WordPress have also been caught up in the big breach, in which millions of emails, passwords and more were stolen.

The GoDaddy breach affecting 1.2 million customers has widened – it turns out that various subsidiaries that resell GoDaddy Managed WordPress were also affected.

The additional affected companies are 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple and tsoHost.


Read more:

https://threatpost.com/godaddy-breach-widens-reseller-subsidiaries/176575/
 
Last edited:

Windoms

Top Contributor
Impact
1,872
It's crazy to see the effect of basic communication when it comes to mitigating damage.
No one wants their domain at a registrar which is targeted by hackers and government agencies of all sorts because of their practice (being a haven for undesirable websites).

Had it been a very large and established company, some straightforward PR and security measures would have mitigated the damage
 

VRdommy

Top Contributor
Impact
6,047
Data and security are two words that should never be used together to mean anything.

Those of you who have asked if you should change your passwords... yes, don't be stupid.
In fact I would change them now and again in 6 months.
Don't use the same ones you use on other sites, or even throughout a site. hackers know humane habits.
Create a cheat sheet to remember them if you must.

I have always been weary of any system or method that allows others to store my passwords.
Any sitting data is hackable, so, place as few bits of it in the hands of others as you can for when, not if it happens.

We may only be 5 - 10 years away from super computers cracking all present forms of encryption, so, it's only a matter of time before that is in the hands of state sponsored hacks. Many are storing data they can't crack yet with the idea of doing it at that time. Add extra digits to your existing passwords yearly may help some.

But on the surface of this hack, you may have only prevented it by doing your own hosting and security.
Sometimes the easy cheap has a price you do not see.

You can back-up your WP and DB's easy enough and move them to a new host.
GD is a big target because of the number of users it has.... JACKPOT !

Data security only exists in the voices of those who wish to liberate you of money.
Does it give you a warm fuzzy feeling ? LOL

Just try not to make it easy for them !
 
Last edited:

DN Playbook

Established Member
Impact
1,081
But on the surface of this hack, you may have only prevented it by doing your own hosting and security.
Sometimes the easy cheap has a price you do not see.

Indeed. Using shared hosting, even vps, carries risks when someone on the same server or network behaves poorly. The reason so many users are using those services is because they are cheap. Running your own hosting is expensive and requires knowledge of server management.

GoDaddy is a target because of their size. Risk to payload ratio is very low for nefarious hackers. You also have to take into account that Wordpress is the most attacked and hacked open source CMS because people simply don't bother or don't know how to secure their WP sites. Often a user will install the basic WP installation on a site and forget about it for a while.
 
Top Bottom