GoDaddy was ordered to strengthen security measures

Industry Information 28 Jan 2025 01:33:34 PM By：DN platform editor

Abstract:

Recently, web hosting giant GoDaddy was ordered by the US Federal Trade Commission (FTC) to rectify security vulnerabilities and strengthen security measures.

The FTC pointed out that since 2018, GoDaddy has failed to implement reasonable and appropriate security measures to protect and monitor its website hosting environment. The company has many problems, such as not properly managing assets and software updates, not assessing the risks of shared hosting services, not adequately recording and monitoring security-related events, and not isolating shared hosting from unsafe environments.

Its loose patch system is implemented by each product team independently and lacks centralized management, resulting in serious vulnerabilities in a large number of boxes in the shared hosting environment, allowing hackers to steal user credentials and credit card information within months.

In addition, its customized Internet-facing API has security risks, is open to the Internet and unprotected, uses plaintext credentials and has no multi-factor authentication, which also gives hackers an opportunity to take advantage. Between 2019 and 2022, these security flaws caused multiple security vulnerabilities, and hackers gained unauthorized access to customer websites and data.

Although GoDaddy claims on its website, social media and emails that it has deployed reasonable security measures and complies with the relevant Privacy Shield framework, the FTC believes this is misleading.

However, in the settlement agreement, GoDaddy neither admitted nor denied wrongdoing, and no fines were attached. But it agreed to establish a comprehensive information security program, including creating a centralized inventory and management system for hardware, software and firmware, using automated tools to analyze events in real time and retain system audit logs, and launching multi-factor authentication methods for employees. It is also necessary to hire an independent third party to review its security plan every two years and no longer make false statements about security measures.

The FTC emphasized that many companies rely on web hosts like GoDaddy to ensure the security of their websites, and this action is intended to encourage them to strengthen their security systems and protect consumers around the world. GoDaddy said it has implemented some of the requirements and plans to continue investing in defensive measures to ensure the security of customers, websites and data.

Information source: domainincite

RELATED TAGS

GoDaddy security measures

Latest NewsRead more>

03 Apr 2025 02:09:47 PMIndustry Information

.AI auction market is hot, with monthly sales exceeding $600,000

According to data released by the new registry operator Identity Digital on March 27, the market for .AI domain names continues to heat up, with sales of expired domain name auctions exceeding US$600,000 in the past month alone.

03 Apr 2025 01:38:46 PMIndustry Information

Trump spends over a million dollars to acquire ABTC.com, accelerating the layout of the crypto map!

The Trump family again! Another American Bitcoin company! Yesterday, a source on the X platform revealed that the ABTC.com transaction that had just been completed had been redirected to AmericanBTC.com.

02 Apr 2025 03:31:52 PMIndustry Information

Spend.com sold for $802,500, launched a new website but is not a bank

In January 2025, the premium financial domain name Spend.com was auctioned at a high price of $802,500. After months of silence, Spend.com finally launched a new website.

03 Apr 2025 01:38:50 PMIndustry Information

The Trump family acquires AmericanBitcoin.com, and the crypto layout is upgraded again!

After the American Bitcoin Company strongly acquired AmericanBTC.com, it announced the completion of the strategic acquisition of "AmericanBitcoin.com" and simultaneously registered AmericanBTC.io and AmericanBTC.ca.

ICANN forces Knock Knock Whois There to change its name

Recently, ICANN ordered the .blog registry KKWT to change its name to "Knock Knock RDAP There", otherwise it will initiate the termination procedure in 30 days, affecting the normal operation of about 300,000 .blog domain names.

Industry Information 01 Apr 2025 03:21:18 PM

The Trump family is betting on cryptocurrency! Taking over AmericanBTC.com

Just yesterday, a bombshell was dropped in the cryptocurrency field! Hut 8 Mining and Trump’s second son Eric Trump officially announced that American Bitcoin was officially established.

Industry Information 02 Apr 2025 03:41:57 PM

CALA.ai sold for $59,888, and the .ai domain market continues to heat up

Recently, CALA.ai was successfully sold for $59,888. This transaction not only highlights the investment value of .ai domain names, but also once again reflects the activity and growth trend of the market.

Industry Information 31 Mar 2025 04:25:46 PM

The domain name ASLA.com was registered in 1995 and returned to its original owner in UDRP 30 years later

Recently, the complainant, the American Society of Landscape Architects, successfully reclaimed the domain name ASLA.com from the respondent through the UDRP procedure.

Industry Information 31 Mar 2025 01:59:51 PM

RNX.com and BRH.com sold for $41,500 and $39,550 respectively

Recently, the three-letter .com domain names RNX.com and BRH.com were sold on the auction platform for $41,500 and $39,550 respectively.

Industry Information 30 Mar 2025 02:39:00 PM

AI domain name is sold at a sky-high price again! Fin.ai is sold for one million US dollars, marking a milestone for the industry!

According to industry insiders, the AI domain name fin.ai was sold for $1 million. If the news is true, this will be the highest price ever paid for an AI domain name.

Industry Information 30 Mar 2025 11:53:37 AM