GoDaddy slapped with wet lettuce for years of lax security and 'several major breaches'
GoDaddy has failed to protect its web-hosting platform with even basic infosec tools and practices since 2018, according to the FTC, but the internet giant won’t face any immediate consequences for its many alleged acts of omission.
As one of the world's largest web-hosting companies, and a registry and registrar with about 82 million domain names in its care, one would assume GoDaddy would be adept at applying software updates and monitoring security-related events in its hosting environment to protect its millions of customers and the visitors to their websites from online threats.
But according to a Wednesday statement from the FTC, “GoDaddy has failed to implement reasonable and appropriate security measures to protect and monitor its website-hosting environments for security threats, and misled customers about the extent of its data security protections on its website hosting services.”
A formal complaint [PDF] against the company, drawn up by the federal consumer watchdog, describes the biz as “blind to vulnerabilities and threats in its hosting environment" since 2018.
