Do you use GoDaddy?

GoDaddy is a popular web hosting company with millions of customers worldwide. Users are alarmed to find that attackers stole the company’s source code.

The hosting giant found the security breach in early December 2022 after it received customer reports. From there, it carried out a comprehensive investigation. GoDaddy
disclosed that its sites are being redirected to random domains.

Security experts do not know who was behind the attack. No one has claimed responsibility. What they do know is they are a sophisticated group after successfully installing malware into GoDaddy systems. The attackers also got parts of the services’ source code.

Investigations showed that the attackers had access to the company network. And they had it for years.


Multi-Year Hacking Campaign

GoDaddy believes the attack is part of a campaign. They had other hacks in the past. The techniques show it is part of the same campaign.

A data breach in November 2021 affected more than 1 million customers. The attack focused on Managed WordPress service. The attackers used a compromised password to get into the hosting environment. It exposed customer data like emails and passwords.

The company had another breach in March 2020. Attackers gained access to more than 28,000 user accounts. They used this to connect to their hosting.

Evidence shows that the attack is part of a bigger campaign. Cybercriminals are targeting web hosting companies.


Why Attackers Targeted GoDaddy

Cybercriminals target companies handling valuable information. GoDaddy has access to a lot of that. It offers hosting services to more than 20 million customers worldwide. To criminals, that means 20 million data sets. Those customers have customers as well, possibly compounding the exposed data.


GoDaddy Response

GoDaddy is continuing to investigate the incident, according to its official blog. It has uncovered what the criminals did and how they did it.

The company has begun working with forensic experts to find more information. Law enforcement is helping with the investigation. The goal is to find the attackers before they do more damage.

Right now, the company is focusing on three things:

  • Blocking further breaches by the attackers.
  • Monitoring the situation.
  • Gathering more evidence.

All the information is being filed and shared. It helps in fighting against attackers and
potential cyber threats. It takes a village to protect data.


My perspective

GoDaddy’s security breach has far-reaching consequences, including for business owners. If you use GoDaddy, your business’s information may have been exposed. If you use another service, the incident still highlights the risk you face. Every business owner should see this incident as a reminder of how important it is to have cybersecurity measures in place to protect both you and your customers. As GoDaddy found out, your business’s information is not the only data risk – you also have a responsibility to protect your customers’ data.


"Life is never fair, and perhaps it is a good thing
for most of us that it is not." -Oscar Wilde


By Denis Wilson

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT Support

Thanks for reading this post. I always take into mind that your time and attention are precious. And these posts need to be timely, to the point, and short. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, YouTube, and Facebook

I am also a published author and speaker on cloud computing, work-from-anywhere, and cybersecurity. I work extensively with business and professional associations to provide small business technology education programs.


Contact me if you have any questions about the subject.
I'd be happy to spend 15 minutes discussing it with you.