- On February 16, 2023, GoDaddy filed its annual 10-K report with the US Securities and Exchange Commission.
- Under the category “Operational Risks,” it was determined that the corporation had multiple data breaches in the last three years, affecting over one million Godaddy users.
- GoDaddy also stated that it will rely increasingly on third-party and public-cloud infrastructures to protect itself from illegal access.
GoDaddy is a publicly listed American Internet domain registration and web hosting firm based in Tempe, Arizona, and incorporated in Delaware. GoDaddy has millions of clients and thousands of employees all around the world. GoDaddy’s hosting offerings include shared virtual private server (VPS), and dedicated hosting. The corporation filed its mandatory annual 10-K filing with the US SEC on February 16, 2023. It was discovered under the subheading “Operational Risks” that the company suffered many data breaches in the last three years, affecting over one million Godaddy users.
Multi-year breaches, still investigating
GoDaddy found in March 2020 that a threat actor had obtained the hosting login credentials of about 28,000 hosting customers as well as the login credentials of a small number of its workers. The conclusion of the following lawsuit and its outcome are both unknown. An unauthorized third party gained access to and planted malware on GoDaddy’s cPanel hosting servers in December 2022. The spyware linked random consumer websites to malicious sites on an irregular basis. According to its research, these instances are part of a multi-year campaign by a sophisticated threat actor organization that, among other things, placed malware on our systems and got code linked to some GoDaddy services. GoDaddy is still looking into what caused the situation.
GoDaddy added:
« We are working with multiple law enforcement agencies around the world, in addition to forensics experts, to further investigate the issue. We have evidence, and law enforcement has confirmed, that this incident was carried out by a sophisticated and organized group targeting hosting services like GoDaddy. According to information we have received, their apparent goal is to infect websites and servers with malware for phishing campaigns, malware distribution and other malicious activities. »
GoDaddy also said that it would become more reliant on third-party and public-cloud infrastructures, such as AWS and other third-party service providers, to defend against unauthorized access, cyber-attacks, and misuse of client data as it continues to rely on third-party security measures.