"The client lost access to its website and email accounts throughout the ordeal, leading to potential security risks such as losing account recovery mechanisms and business email compromise schemes."
"It took just four minutes for the domain takeover process to be approved, resulting in four days of downtime for the client, who had to use personal email addresses to communicate."
"The GoDaddy account had dual two-factor authentication enabled, requiring both an email code and an authentication app code to log in, yet the transfer was completed without these safeguards."
GoDaddy is looking into allegations that it transferred control of a 27-year-old domain to another customer without proper authentication. Lee Landis, from Flagstream Technologies, reported that a client's domain disappeared from their GoDaddy account, causing loss of access to their website and email. The client, an anonymous American non-profit, experienced four days of downtime. The domain transfer process took only four minutes, despite having dual two-factor authentication and ownership protection enabled. GoDaddy's logs indicated the transfer was initiated by an internal user without required authentication.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]