GoDaddy is a well-known hosting provider and domain name registry, and is one of the world’s largest SSL certificate providers. They have millions of clients all over the globe. To be a little specific, they have almost 18 million customers, and more than 75 million domain names registered. And just recently, a bunch of their internal information and other sensitive documents got exposed on the web and made available to the public, all thanks to an error in Amazon’s AWS bucket configuration.
Just last June, Upguard Cybersecurity Analyst, Chris Vickery, discovered several files containing delicate server information stored in an exposed S3 Bucket – a cloud storage service offered by Amazon Web Services. A more careful look into the exposed files revealed different versions of data for more than 30,000 systems of GoDaddy. It includes detailed server configuration, hosting configurations, design infrastructure, hostnames, fields for operating systems, workload, system memory configurations, processing specs and AWS regions. According to Upguard, the general information contained within all the documents almost represents a very large portion of the Internet.
In a statement released by Upguard – “Essentially, this data mapped a very large-scale AWS cloud infrastructure deployment, with 41 different columns on individual systems, as well as summarized and modeled data on totals, averages and other calculated fields,” said UpGuard Cyber Risk Team researchers, in a posting on the issue late last week.”
“GoDaddy is a critical part of internet infrastructure, and their cloud utilization operates at one of the largest scales in existence,” said UpGuard analysts, who said that GoDaddy secured the database as soon as UpGuard alerted the company to the issue. “One could arguably say that GoDaddy hosts a fifth of the internet.”
With this large scale, experts have considered the possible consequences of the leak. They have concluded there are two –
- The leaked configuration data of GoDaddy servers could be used to create reconnaissance tools for fraudsters.
- Other leaked data can be used by their competition to gain more knowledge regarding their products, designs, advancements, including pricing and marketing strategies.
These consequences will prove to be disastrous for GoDaddy. From the date of Upguard’s discovery of the leak, it took GoDaddy almost 30-days before the cloud bucket was sealed. One can only imagine the staggering amount of information that has spread since then. The security failure from Amazon’s AWS appears to be coming from one of their sales people. Not being able to follow security protocols and best practices for proper information storage eventually led to this predicament.
In a joint statement released by Amazon and GoDaddy – the documents that were exposed were merely models and hypothetical specs and is not related in any way to any activities or services of both GoDaddy and Amazon.