GoDaddy Says Third Cyberattack by Group Targeted Customer Sites

GoDaddy has discovered the third cyberattack on its network by the same group since 2020.

In the most recent attack, which was discovered in December 2022, an attacker installed malware that intermittently and randomly redirected customer websites to malicious sites, the domain registrar said in a Friday (Feb. 17) filing with the Securities and Exchange Commission.

“Once we confirmed the intrusion, we remediated the situation and implemented security measures in an effort to prevent future infections,” GoDaddy said in a Friday blog post on its website.

This attack followed two earlier ones, according to the SEC filing.

In March 2020, GoDaddy found that a threat actor had compromised the login credentials of 28,000 hosting customers and a small number of the company’s personnel, the filing said.

Then, in November 2021, the firm learned that a third party had accessed its provisioning system in a move that impacted 1.2 million customers, per the filing.

“Based on our investigation, we believe these incidents are part of a multi-year campaign by a sophisticated threat actor group that, among other things, installed malware on our systems and obtained pieces of code related to some services within GoDaddy,” the firm said in the filing.

The security of backed-up and stored data is among the chief concerns of financial firms around the country, Continuity reported in February 2022.

The data storage firm found that more than 50% of the firms it surveyed said they were not confident about their storage and backup security, while another quarter said they were significantly concerned.

PYMNTS research has found that many businesses are looking to digital solutions that take human error out of the fraud equation.

In fact, 71% of businesses plan to implement digital solutions to prevent fraud and 49% say finding a better digital solution for fraud prevention is their primary fraud prevention plan, according to “The Hidden Costs of B2B Payments Fraud,” a PYMNTS and nsKnox collaboration.

In its SEC filing, GoDaddy said cybersecurity incidents expose its risk of loss, litigation and government investigations.

“To date, these incidents as well as other cyber threats and attacks have not resulted in any material adverse impact to our business or operations, but such threats are constantly evolving, increasing the difficulty of detecting and successfully defending against them,” GoDaddy said in the filing.