GoDaddy Breached: Who’s to Blame?
As of early February this year, GoDaddy has released a statement about an incident they’ve been investigating since early December 2022:
“We started receiving a small number of customer complaints about websites being intermittently redirected—according to information we have received, the apparent goal is to infect websites and servers with malware for phishing campaigns, malware distribution, and other malicious activities.”
They’ve also announced that “law enforcement has confirmed that this incident was carried out by a sophisticated and organized group targeting hosting services” with evidence suggesting that this was the same organized group responsible for other breaches the company has suffered in recent years.
Since GoDaddy released this statement, headlines have been running wild about how the company has failed to protect itself from its third data breach in recent years.
- The first incident occurred back in 2020, when it was claimed that over 28,000 web hosting accounts were compromised (web hosting accounts are administrative accounts on a website and typically belong to the site’s owner). GoDaddy suggested that this breach didn’t impact its internal systems or infrastructure. However, some reports suggested that the breach may have exposed sensitive customer information such as domain names, site configurations, and SSL certificates.
- Then in 2021, GoDaddy released information about another breach affecting 1.2 million of their customers. The information leaked included server passwords, usernames, emails, and private SSL keys.
Flash forward to today, and based on what GoDaddy has stated, this recent event isn’t anything like your average data breach. In fact, it’s not really a data breach at all.
All that GoDaddy has “confirmed” is that there is, or was, a hacker who infiltrated the cPanel hosting servers and set up redirects to malicious sites—the same hacker that leaked data in the breaches prior.
This is obviously still terrible for everyone involved, especially small businesses that rely on the integrity of their websites, but it’s a far cry from the company suffering “Three Data Breaches in a Row” like news headlines are indicating.
Quick to Point Fingers
Arguably, everything companies like GoDaddy say in initial statements should be taken with a grain of salt. Large organizations don’t have the greatest track record when it comes to releasing statements that would harm their reputation, and this situation would be no different.
However, while we still don’t know the full story, hundreds of articles have already been written painting GoDaddy as the perfect example of gross negligence.
“It boggles the mind that the attack went unnoticed for so long—You just don’t resume business as usual until you fully understand the cause of your last breach — this is security 101”
“This should be the kind of incident that sets a strong precedent — secure your systems or cease trading.”
Blame the Criminals
I don’t believe anyone would disagree that GoDaddy, and any other large company for that matter, should provide nothing but the highest level of security for their customers and their information.
But the thing is, that’s a lot easier said than done when you consider everything these companies have to worry about:
- Sophisticated Hacking Techniques: Cybercriminals are continuously developing new and advanced hacking techniques to breach even the most secure systems. Companies simply can’t keep up to date on rapidly evolving threats that have never been seen before.
- Human Error: Many incidents like this occur due to human error, such as employees accidentally exposing sensitive information, using weak passwords, or falling for phishing scams. It’s unreasonable to think that every single employee is going to follow security best practices consistently.
- Larger Company Doesn’t Mean Stronger Protection: The larger a company is, the more extensive and complex its IT systems become, making it harder to identify vulnerabilities and patch them in time. It can also be challenging to secure all endpoints when you consider the number of third parties that can infect an organization as well.
The goal of this article isn’t to make you feel pity for multi-million-dollar businesses; it’s to emphasize how vulnerable they really are.
Here are some other major web hosting breaches for comparison:
Hostinger Breach: The usernames, emails, hashed passwords, first names, and IP addresses of 14 million Hostinger users were accessed by an unauthorized third party in 2019.
So, before you write off GoDaddy as a company that couldn’t care less about your privacy, know that big organizations aren’t as bulletproof as you’d think.
For GoDaddy Customers
Unfortunately, there’s not too much you can do as a website owner to protect yourself in this situation. Based on how GoDaddy worded its take on the incident, it’s not clear how the hackers were configuring the redirects.
As of now, they’re “claiming” to have fixed all the redirects, but it should go without saying that keeping a constant eye on the status of your site is a good idea.
On top of that, resetting administrative passwords and setting up MFA or 2FA for logins is something you should always do for accounts you want to keep secure.
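One way to keep an eye on a site for the intermittent redirects described above, as an added example (not GoDaddy’s code and not part of the original article): it fetches a page several times without following redirects and reports any `Location` header or meta-refresh tag that points away from your own hosts. The host names, function names and sample responses are constructed for illustration.

```python
import http.client
import re
from urllib.parse import urljoin, urlsplit

# <meta http-equiv="refresh" content="0; url=..."> redirects that send no 3xx status
META_REFRESH = re.compile(
    r'<meta[^>]+http-equiv=["\']?refresh["\']?[^>]*content=["\'][^"\']*url=([^"\'>\s]+)',
    re.IGNORECASE)

def offsite_target(page_url, status, headers, body, allowed_hosts):
    """Return the absolute redirect target if it leaves allowed_hosts, else None."""
    target = None
    if 300 <= status < 400 and headers.get("location"):
        target = headers["location"]
    else:
        match = META_REFRESH.search(body or "")
        if match:
            target = match.group(1)
    if target is None:
        return None
    absolute = urljoin(page_url, target)  # resolves relative and //host/ forms
    host = (urlsplit(absolute).hostname or "").lower()
    return None if host in allowed_hosts else absolute

def probe(page_url, timeout=10):
    """Fetch page_url once WITHOUT following redirects; return (status, headers, body)."""
    parts = urlsplit(page_url)
    https = parts.scheme == "https"
    conn_cls = http.client.HTTPSConnection if https else http.client.HTTPConnection
    conn = conn_cls(parts.netloc, timeout=timeout)
    try:
        path = (parts.path or "/") + ("?" + parts.query if parts.query else "")
        conn.request("GET", path, headers={"User-Agent": "site-redirect-check"})
        resp = conn.getresponse()
        headers = {k.lower(): v for k, v in resp.getheaders()}
        return resp.status, headers, resp.read(65536).decode("utf-8", "replace")
    finally:
        conn.close()

def watch(page_url, allowed_hosts, attempts=5, fetch=probe):
    """Probe repeatedly, since the redirects were intermittent; return off-site targets."""
    hits = []
    for _ in range(attempts):
        hit = offsite_target(page_url, *fetch(page_url), allowed_hosts)
        if hit:
            hits.append(hit)
    return hits

# Constructed sample responses (not real traffic): a clean page, then an off-site 302
SAMPLE = [(200, {}, "<html>ok</html>"), (302, {"location": "https://bad.example/x"}, "")]
```

Run `watch("https://your-site.example/", {"your-site.example", "www.your-site.example"})` on a schedule and alert on any non-empty result. It only sees HTTP-level and meta-refresh redirects, so a script-driven redirect in the page would need a separate check.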
- Would switching web hosting companies be a good idea? Yes
- Is it absolutely necessary? No
If it’s not a major inconvenience, switching web hosting providers would be the safest and smartest thing to do because there’s no telling how much information was leaked by GoDaddy over the years.
It’s also apparent that whatever criminal organization is attacking GoDaddy is pretty dead set on continuing to do so. So, even though other web hosting services could just as easily become victims, they don’t have a target on their back like GoDaddy currently does.
For Everyone Else
Besides taking the normal safety precautions when browsing online (not clicking suspicious links, not giving out information, etc.), there’s not a whole lot you can do to avoid sites that have been redirected.
Some sites don’t even appear to redirect you and may just install malware without you even noticing. This is where antivirus software can come in handy when it comes to keeping your device safe from unseen threats.
In Conclusion
While we all like to pick a scapegoat after events like this, cyber-attacks aren’t something that companies can easily avoid by any means, especially vulnerable ones like web hosting services. Know that these kinds of attacks aren’t going away anytime soon, and that they can affect all types of organizations at any given time.