GoDaddy changed the security policy after the event with a “Twitter account priced at $ 50,000”

I think many habra users will remember the recent article " How PayPal and GoDaddy made me give Twitter a $ 50,000 account ." Summary: a Twitter user with a rare and expensive "@N" account hijacked his Godaddy account with all domains, then exchanging this account for his twitter account (the price of "@N", according to the former owner, was about 50 thousand US dollars).

The attacker in GoDaddy managed to divert, using social engineering, some techniques and own ingenuity. Needless to say, after this story, numerous accusations of insufficient protection of client accounts fell down on GoDaddy, and many customers began to transfer their domains to other registrars.
')
So, the other day GoDaddy changed the security rules to suit the requirements of customers. Now, to identify a phone call to the support service, you need to report the last eight digits from your credit card number. Also, the caller has three attempts to prove that he is the owner of the account. After three calls with an unsuccessful attempt to authenticate calls to a specific account, they are no longer considered by the support service (or the support account of the problematic account is not entirely clear).

In addition, they introduced two-factor authentication.

Perhaps this is good news for current registrar's customers; indeed, you can now feel more secure. However, for the former owner of the account "@N", unfortunately, it is too late - no one will help him return to the former nickname on Twitter.

And this person transferred domains to Namecheap, by the way.

Via theverge