September 23, 2023

GoDaddy has disclosed a data breach from December 2022 that allowed unknown third parties to gain access to GoDaddy source code, and they installed malware on the company’s servers.

GoDaddy says it has added security measures to stop a similar attack in the future and is working with law enforcement to stop the bad actors.

Advertisements

Initially, GoDaddy noticed a problem in early December of last year, when a few customer complaints all mentioned that their website had been intermittently redirected.

GoDaddy realized that an unauthorized party had accessed the servers in their cPanel shared hosting environment, and the issue was caused by malware that had been installed by the third-party actor and obtained the source codes related to the services

The December 2022 incident is connected to two other security events it encountered in March 2020 and November 2021.

In 2020, the breach entailed the compromise of hosting login credentials of about 28,000 hosting customers and a small number of its personnel.

Advertisements

In 2021, GoDaddy said that the threat actor used a compromised password to access a provisioning system in its legacy code base for Managed WordPress (MWP), affecting close to 1.2 million active and inactive MWP customers across multiple GoDaddy brands.

Leave a Reply

%d bloggers like this: