On Tuesday, popular domain registrar and web hosting provider GoDaddy revealed it had suffered a “multi-year” security breach that allowed hackers to hijack customer websites and accounts.
The breach, first reported by Krebs On Security, was attributed to the Compal Blu remote access system, which the company had implemented in 2014, allowing employees access to customer websites for customer service.
The hackers were able to gain access to customers’ details, including login credentials and IP addresses, as well as to hijack customer websites and accounts.
GoDaddy has since disabled the access system and taken measures to improve security and secure customers’ website data.
The breach reportedly first occurred in October 2019 but was not discovered by GoDaddy until July 2020.
The malicious actors had access to customer accounts for up to five months before being detected.
The websites of more than 6,000 customers were reportedly hijacked in the process, with many of the websites being used to spread malicious advertising links and scam campaigns.
The breach also allegedly impacted GoDaddy’s resellers and reseller programs, with approximately 4,000 reseller accounts being hacked.
The breach was discovered when an employee received an email from a hacker demanding a ransom in exchange for the return of customer data.
GoDaddy is now working with law enforcement and has contacted impacted customers.
The company has also updated their security practices to make sure that customers’ data is better protected in the future.
This breach serves as a reminder of the importance of security and why companies should invest in better security measures. Customers should also always be diligent in protecting their accounts by using strong passwords and two-factor authentication.
Hey Subscribe to our newsletter for more articles like this directly to your email.