GoDaddy joins the dots and realizes it’s been under attack for three years

In brief Web hosting and domain name concern GoDaddy has disclosed a fresh attack on its infrastructure, and concluded that it is one of a series of linked incidents dating back to 2020.

The business took the unusual step of detailing the attacks in its Form 10-K – the formal annual report listed entities are required to file in the US.

The filing details a March 2020 attack that “compromised the hosting login credentials of approximately 28,000 hosting customers to their hosting accounts as well as the login credentials of a small number of our personnel” and a November 2021 breach of its hosted WordPress service.

The latest attack came in December 2022, when boffins detected “an unauthorized third party gained access to and installed malware on our cPanel hosting servers,” the filing states. “The malware intermittently redirected random customer websites to malicious sites.”

GoDaddy is unsure of the root cause of the incident, but believes it could be the result of “a multi-year campaign by a sophisticated threat actor group that, among other things, installed malware on our systems and obtained pieces of code related to some services within GoDaddy.”

“To date, these incidents as well as other cyber threats and attacks have not resulted in any material adverse impact to our business or operations,” the filing states – showing enormous empathy for customers whose sites were redirected in the most recent attack, or impacted by the earlier incidents.

In a brief statement on the

Read more

Explore the site

More from the blog

Latest News