GoDaddy

GoDaddy reported the compromising of 28,000 of its customers' web hosting accounts.

One of its primary domain names is hosted by "GoDaddy," who inadvertently gave a malicious actor control of the account and site.

As a result, the actor was able to manipulate several internal email accounts by altering DNS data. After some time had passed, the hostile actor was able to access document storage and compromise some of their infrastructure.

Unauthorized changes were made to certain of the domain registration records' settings at GoDaddy, temporarily rerouting the site's email and web traffic.

Although it appears that no emails, passwords, or other sensitive information was obtained, the business advised changing the password and turning on 2FA security.

Source: https://krebsonsecurity.com/2020/11/godaddy-employees-used-in-attacks-on-multiple-cryptocurrency-services/

"id": "GOD2315623",
"linkid": "godaddy",
"type": "Breach",
"date": "11/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"