GoDaddy Admits to Multi-Year Data Breach
Table of Contents
- By Steven
- Feb 20, 2023
Many people have turned to GoDaddy over the years. They are known for their website solutions, including URLs, hosting, and web builder. Unfortunately, being a big company, they have also been the target of hackers. Friday, February 17, 2023, GoDaddy revealed they were part of a data breach that spanned more than two years. The biggest issue is that it also exposed the data of more than 21 million customers plus source code that the company relies on. It could be far more devastating than they currently know since it affected both customers and employees.
How Did the Attack Occur?
This particular data breach began in 2020 and continued through 2022, exposing a lot of data. When hackers found this vulnerability, they took their time going through the coding to get access to everything they could. That resulted in a slow trickle of information that was slow and small enough not to attract attention. GoDaddy has struggled with data breaches in the past, and these types of breaches were what the company was focused on and looking for. That is how it was able to go on for two years without anyone detecting the problem.
What Information Was Viewed or Stolen?
The company’s release to the Securities and Exchange Commission explained that hackers found a vulnerability that led to several problems.
- The hackers were able to steal the source code of the company, allowing them to recreate some website components.
- Hackers were able to use that same vulnerability to install malware, redirecting legitimate customer URLs to malicious URLs without their knowledge or consent.
- The hackers stole the login credentials of both customers and employees.
How Did GoDaddy Admit to the Breach?
GoDaddy filed paperwork with Securities and Exchange Commission that explained what they knew about the breach so far. It began in 2020, and was stopped in late 2022. They also indicated that the hacking group responsible must have been quite sophisticated based on how the breach took place. GoDaddy also revealed that despite the extensive steps they have taken to secure their network, they are not sure if the hackers are gone from their network or not.
What Will Become of the Stolen Information?
No one is really sure what will happen to the information the hackers stole since no one is entirely sure hat was stolen. The company is right now operating under the assumption that hackers had access to everything in their network. That means it could impact GoDaddy’s revenue, which is currently approximately $4 billion annually, and it could also affect any or all their 21 million customers, plus all their employees.
What Should Affected Parties Do in the Aftermath of the Breach?
Anyone that has ever worked for or turned to GoDaddy for their services should be aware of their personal information. The amount of data these hackers had access to could easily result in identity theft or worse. It is vital to watch your mail, accounts, and monitor your credit to ensure hackers are not taking your personally identifiable information and using it for nefarious purposes.