Security Operations, Identity

GoDaddy under fire for alleged unauthorized domain transfer

GoDaddy webpage. GoDaddy Inc. is an American publicly traded Internet domain registrar and web hosting company.

(Adobe Stock)

GoDaddy is currently investigating claims that it handed complete control of a 27-year-old domain to another customer without requiring proper authentication or supporting documents. The allegations stem from Lee Landis, a partner at IT shop Flagstream Technologies, who claims one of his client's domains vanished from their GoDaddy account without notice, with further coverage provided by The Register.

The incident involved a domain belonging to an anonymous American non-profit with 20 locations nationwide. According to reports, the domain transfer was allegedly approved in just four minutes by an "internal user" at GoDaddy, bypassing standard security protocols, including two-factor authentication and ownership protection. This resulted in four days of downtime for the non-profit, disrupting access to websites and email accounts.

While GoDaddy stated that proper documentation was received, both Flagstream and the recipient of the domain deny this. The situation was eventually resolved when the recipient voluntarily returned the domain after realizing the error. 

Source: The Register

Related

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Basic AuthenticationBiometricsChallenge-Handshake Authentication Protocol (CHAP)Cold Warm Hot Disaster Recovery SiteCountermeasureCronDigest AuthenticationDigital CertificateDisaster Recovery Plan (DRP)Discretionary Access Control (DAC)

You can skip this ad in 5 seconds