Corporate crime by active or former employees often involves domains; in a new case involving GoDaddy as the registrar, a company’s former employee allegedly hijacked its domain name.
Someone using the alias “NetSkopos” reported the following at the GoDaddy community forum:
We had a now former employee seek out and discover our GoDaddy account info when our CIO left the company. He then, hijacked the account, placed our primary business domains under his account and turned on two factor authentication trying to extort a contract from us to continue getting paid. We terminated him because he was trying to steal code. So he found an easier way.
Sounds like this should be an easy one, but just like all else GoDaddy, it isn’t. No one responds and all we get are bot responses. Their “Award Winning Support” has no escalation path and can only direct you to their bot URL with change update for bot responses. Kind of mind blowing actually.
Since then, we’ve provided domain purchase and renewal receipts, Company EIN, Officers Statements, our CFO’s DL, our tax info from the State and our former CIO and initial registrant is trying to help. We even have the zone and RWHOIS info showing our assigned IP’s as being where all hosts in the zone point. Still, all we get are drone based bot responses and often, no response at all.
The person reporting this corporate crime does not mention the exact domain.
He concludes thus:
We’re obviously taking legal action against the former employee and GoDaddy, as we have no other alternative. Our customer payment systems, internal business processes and partner reporting is hardcoded with this domain which would take some heavy unrolling, not to mention, extremely costly.
Yet another hijacked domain and IP, enabled and assisted by GoDaddy. If anyone knows of a better method than the changeupdate URL, I’d love to hear it. We would try anything but I’m guessing based on what I’ve seen, it wouldn’t matter. Businesses, stay away from GoDaddy. Go with someone (anyone) with actual “thinking” people on the other end.
According to the report, the complainant seems to have done what’s necessary, and more, in order to reclaim the domain.
Let’s hope that there will be a resolution on this matter soon.
Terrible stuff!!
Godaddy definitely has to bend over backwards and show UTMOST URGENCY not CONVENIENCE for them to get this resolved since it was THEIR employee.
More importantly, I would like to hear other registrars chime in with their policy should an event like this occur.
Crazy stuff! Haven’t the larger registrars implemented classification and security clearance policies yet? I think a lot of the former employee theft can be combated by properly vetting employee’s first before they allow them access to sensitive customer data. I would be interested in what type of hiring and placement process they put employee’s through as well.
What kind of vetting do you need in a corporation to prevent this? I’m almost certain nothing could match what was of Edward Snowden’s employment process, and look what happened there.