From nakedsecurity.sophos.com
The US Securities and Equities Commission (SEC) has just published a “Security Incident” submitted last week by Web services behemoth GoDaddy.
GoDaddy says that on 17 November 2021 it realised that there were cybercriminals in its network, kicked them out, and then set about trying to figure out when the crooks got in, and what they’d managed to do while they were inside.
According to GoDaddy, the crooks – or the unauthorised third party, as the report refers to them: