September 23, 2023

GoDaddy has disclosed a data breach from December 2022 that allowed unknown third parties to gain access to GoDaddy source code, and they installed malware on the company’s servers.

GoDaddy says it has added security measures to stop a similar attack in the future and is working with law enforcement to stop the bad actors.

Advertisements

Initially, GoDaddy noticed a problem in early December of last year, when a few customer complaints all mentioned that their website had been intermittently redirected.

GoDaddy realized that an unauthorized party had accessed the servers in their cPanel shared hosting environment, and the issue was caused by malware that had been installed by the third-party actor and obtained the source codes related to the services

The December 2022 incident is connected to two other security events it encountered in March 2020 and November 2021.

In 2020, the breach entailed the compromise of hosting login credentials of about 28,000 hosting customers and a small number of its personnel.

Advertisements

In 2021, GoDaddy said that the threat actor used a compromised password to access a provisioning system in its legacy code base for Managed WordPress (MWP), affecting close to 1.2 million active and inactive MWP customers across multiple GoDaddy brands.

Tags:

Leave a Reply

You may have missed

SandMan APT Group in action against Telcos

September 22, 2023

Gold Melody IAB Unsunging for Several Years

September 22, 2023

Apple fixes trio of Zeroday Exploits

September 22, 2023

T-Mobile and Data Breach tightly coupled

September 21, 2023

Cisco Acquires Splunk in a blockbuster deal

September 21, 2023

Atlassian BitBucket and Confluence Vulnerabilities

September 21, 2023
%d bloggers like this: