Who's lying about the GoDaddy outage?
Yesterday registrar and web hoster GoDaddy went down for several hours, taking millions of websites along, too. Within an hour, Twitter accounts associated with hacktivist group Anonymous took credit. Today, GoDaddy blames "corrupted router data tables". Meanwhile AnonymousOwn3r claims denial of service attack and hack -- and within the hour publicly posted what supposedly is GoDaddy "source code and database".
Somebody's lying here. But whom?
I wrote BetaNews's story, and with some trepidation: "Tweets from several accounts presumably associated with hacktivist group Anonymous claim responsibility for bringing down GoDaddy. Interestingly, the one I most directly associated with Anonymous, YourAnonNews, doesn't explicitly". Struck me as strange that the first Anonymous gang tweets came about an hour after GoDaddy tweeted about service troubles and generally used third person or referred to news stories. That said, AnonymousOwn3r claimed credit and continues to do so.
Earlier today, GoDaddy posted an apology, giving technical reasons for the outage:
GoDaddy Customers and Community,
We owe you a big apology for the intermittent service outages we experienced on September 10th that may have impacted your website and your interaction with GoDaddy.com.
The service outage was due to a series of internal network events that corrupted router data tables. Once the issues were identified, we took corrective actions to restore services for our customers and GoDaddy.com. We have implemented measures to prevent this from occurring again.
At no time was any sensitive customer information, such as credit card data, passwords or names and addresses, compromised.
Throughout our history, we have provided 99.999% uptime in our DNS infrastructure. This is the level of performance our customers have come to expect from us and that we expect from ourselves. We pride ourselves on providing world-class service — through our products, our site experience and customer care.
We have let our customers down and we know it. I cannot express how sorry I am to those of you who were inconvenienced. We will learn from this.
I’d like to express my profound gratitude to all our customers. We are thankful for your straightforward feedback and the confidence you have shown in us.
In appreciation, we will reach out to affected customers in the coming days with a good faith gesture that acknowledges the disruption. We are grateful for your continued loyalty and support.
If you have any questions or require further assistance, please call us at 1-480-505-8877.
At 4:51 pm EDT, AnonymousOwn3r tweeted: "Go daddy souce code and database leaked by @AnonymousOwn3r http://pastebin.com/WMb4Qg7H", which goes to this RAR file.
I've only started to review the data, but it doesn't look legit enough to me. But I'm no expert here. If you are please educate us all in comments.
For now, I'll say this: If nothing else, GoDaddy is under credibility attack by the Anonymous hacktivist. Not that I would be shocked for a company to claim "internal" cause and no "sensitive" data leaked, only to have Anonymous show otherwise in a pastebin post.
The hacktivist claims: "@godaddy o yes now you have to assume that you was hacked by me https://twitter.com/AnonymousOwn3r/status/245625530320293889 … not just the ddos but also databse / soucecode".
Photo Credit: Rob Kints/Shutterstock