Apparently the leak is due to an unsecured bucket Amazon Web Services
GoDaddy is the most recent victim of cybercriminals groups and has joined a long list of companies that saw their confidential data leaked by Amazon S3 buckets without the necessary security measures. GoDaddy, the world’s leading domain name registration platform, has more than 18 million customers, making any data breach in the company a serious threat.
According to recent findings from cyber security organization specialist Chris Vickery, files containing sensitive information about GoDaddy were public accessed thanks to an unsecure Amazon S3 bucket. There were several versions of files stored in the Amazon S3 bucket for more than 31K GoDaddy systems. The database was titled “abbottgodaddy”.
Amazon Web Services (AWS) is a cloud-storage service that has often been criticized for being the only cause of a large number of data leaks. In these latest data leaking, it is believed that an error in the S3 bucket has caused the leaking of the GoDaddy information.
It should be noted that the data leaked in these security breach include architectural details about GoDaddy. It also includes “high-level configuration information” from countless pricing systems and services to operate those systems in the S3 bucket; this includes the discounts offered to customers under certain circumstances. In addition, the database also includes host name configuration files, workloads, CPU specifications, operating systems, AWS regions, memory, and other details about GoDaddy systems.
Several cyber security organization experts claim that AWS vendors responsible for storing the information in the bucket S3 did so poorly. An AWS spokesperson stated that “while Amazon S3 is secure in its default configuration and access to the bucket is limited only to the account owner and administrator in the predetermined configurations, the vendor did not follow the practices recommended by AWS with this particular segment”.
According to reports of cyber security organization experts from the International Institute of Cyber Security, the database contains extensive information about the company, as it includes 42 different columns related to separate systems. In addition, it contains modeled and summarized data on totals, averages and other similar fields related to the calculation; GoDaddy’s confidential business information is also included in the database, such as pricing negotiations. Confidential trade database and IP addresses of GoDaddy are also included.
The consequences of this data leak could have been detrimental to GoDaddy if the database had been detected by hackers. They could have sold the data to the company’s competitors, which would have had serious commercial consequences in the company’s business.
While AWS maintains that none of the information contained in the unprotected S3 bucket, GoDaddy, for its part, stated that the files contained in the database were only “speculative models” and were not associated with recent activity between Amazon and GoDaddy. The S3 bucket has already been sealed by AWS.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.