Britec News

GoDaddy has new breach in what appears to be a multi-year scheme

GoDaddy disclosed in February that a multi-year security breach had occurred.

GoDaddy first noticed the breach in early December 2022. Customers of GoDaddy’s websites had been redirected to malicious third-party sites that had ill intentions.

GoDaddy says the group was sophisticated and organized, and this incident was caused by unknown threat actors. Multiple law enforcement agencies have been called in to help with the investigation.

Multiple security issues connected to this breach

The company has confirmed that this December 2022 incident is connected to two other security events it encountered in March 2020 and November 2021.

The March 2020 breach had 28,000 hosting customers and a small number of its personnel.

Then in 2021, GoDaddy said a rogue actor used a compromised password to access a provisioning system in its legacy code base for Managed WordPress (MWP), affecting close to 1.2 million active and inactive MWP customers across multiple GoDaddy brands. This highlights the importance of having an IT security team in place.

It has not disclosed how many were affected by this breach in December 2022.

This situation has taken over two years and may take more time to resolve.  To ensure this does not happen please keep all your software up-to-date.

‹ Back to Britec News