Article 68ZYJ GoDaddy says a multi-year breach hijacked customer websites and accounts

GoDaddy says a multi-year breach hijacked customer websites and accounts

by
Dan Goodin
from Ars Technica - All content on (#68ZYJ)
data-breach-800x435.jpeg

Enlarge (credit: Getty Images)

GoDaddy said on Friday that its network suffered a multi-year security compromise that allowed unknown attackers to steal company source code, customer and employee login credentials, and install malware that redirected customer websites to malicious sites.

GoDaddy is one of the world's largest domain registrars, with nearly 21 million customers and revenue in 2022 of almost $4 billion. In a filing Thursday with the Securities and Exchange Commission, the company said that three serious security events starting in 2020 and lasting through 2022 were carried out by the same intruder.

Based on our investigation, we believe these incidents are part of a multi-year campaign by a sophisticated threat actor group that, among other things, installed malware on our systems and obtained pieces of code related to some services within GoDaddy," the company stated. The filing said the company's investigation is ongoing.

Read 6 remaining paragraphs | Comments

External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments