Victor Wynne

GoDaddy says a multi-year breach hijacked customer websites and accounts

source: arstechnica.com

Dan Goodin:

GoDaddy said on Friday that its network suffered a multi-year security compromise that allowed unknown attackers to steal company source code, customer and employee login credentials, and install malware that redirected customer websites to malicious sites.

GoDaddy is one of the world’s largest domain registrars, with nearly 21 million customers and revenue in 2022 of almost $4 billion. In a filing Thursday with the Securities and Exchange Commission, the company said that three serious security events starting in 2020 and lasting through 2022 were carried out by the same intruder.

To the people who were still using GoDaddy despite its terribleness…you should have known to expect this, and I don’t pity you at all.