Learning from the GoDaddy breach

GoDaddy, the largest and most widely trusted domain registrar globally, was the victim of a data breach in mid-November 2021, affecting 1.2 million active and inactive WordPress users. Managed WordPress services resellers like Media Temple, Domain Factory, Heart Internet and 123reg, were also compromised in the breach.

The unauthorised third party managed to access customer names, account numbers, email addresses, usernames and, in some cases, private SSL keys, which assure web users that they can browse the site securely.

Hacker harassment

The registrar initially noticed an unauthorised third-party access attempt back in September and, after blocking the threat, assumed that all was well. However, this more recent breach has confirmed that the attack was more successful than initially thought, as the hackers managed to crack a password to access confidential details.

The data breach targeted managed WordPress users and gained access to information that could leave them vulnerable to phishing attacks further down the line. For example, customers who continued to use the automated password they received when they set up their websites were left completely exposed when the hackers now had both pieces of authentication and could take over the site if they were to choose to do so.

While GoDaddy has done its bit to reset these passwords and continues to reach out to affected clients, it has exposed a gap in security that should never have been there in the first place.

Should you be worried?

Well, recovery from a data breach is not only time-consuming and inconvenient but enormously costly. WordPress is a popular choice for SMMEs, with many businesses adding an e-commerce plugin to generate and enable sales directly through their website. When you consider how a data breach would affect customers who shop through the site, leaving their financial information exposed, it’s easy to understand how much damage this hack could do.

Given the size of GoDaddy and the number of service provider websites linked to the registrar, either directly or via service providers, Liza Weschta, Cybersecurity Product Manager at Numata, says that every business should carefully assess its supply chain. "It is vitally important to understand any gaps in security and take the necessary steps to keep ahead of the threat."

This breach has highlighted the need to take a proactive approach to cybersecurity no matter the size of your business and rope every employee into the fight against cyber-attacks.

Hackers are relentless in their cyberattack mission and no one can afford to take the wait-and-see approach. Breaches cause significant damage and, in some cases, can be the death knell for smaller to medium enterprises.

Numata can assist with web security with web vulnerability scans and offers 24/7 managed detection response, dark web monitoring and security awareness training for staff. Get in touch and find out more about our cybersecurity subscription services and solutions that are best suited to protect your business from common cyber threats.

Back to Blog