One blog post about a domain transferred to the wrong customer drove 7,613 visits and 8,365 pageviews in 20 hours — 95% of all traffic to anchor.host during the window, and roughly 3.5× a normal day for the entire site.
Eastern Time. The story slow-rolled on X for hours, then a Hacker News submission lit the fuse and r/sysadmin amplified within minutes.
Hacker News did the heavy lifting — about 42% of all visits — but the long tail kept growing as the story spread to Boing Boing, Mastodon, Search Engine Journal, LinkedIn, infosec.exchange, Gigazine, and four different Facebook surfaces. Direct visits (no referrer) nearly tied HN as the post got passed around in Slack/Teams/email DMs and link previews.
Thirty-plus sources sent meaningful traffic. The secondary wave kept growing through day three: Boing Boing republished it, Search Engine Journal and Gigazine (Japan) covered it, LinkedIn and infosec.exchange shared it, Mastodon and Bluesky carried it, and Facebook fanned it out across four surfaces. Slack, Microsoft Teams, and Gmail DMs all show up.
A GoDaddy product manager surfaced in the X replies within hours. Hacker News stitched together the company's longer history of similar incidents. Three days later The Register wrote a follow-up — and its commenters were not gentle.
Hey @austinginder I read your post. What a nightmare and I'm sorry this happened to your friend. I sent this on to the right person at Godaddy to look into it. I'm sure they will get to the bottom of it and again I'm really sorry this happened.
Relevant (for some reason though it shouldn't be; GoDaddy's track record is that bad): SSL certs issued without validation (2017), JavaScript injection (2019), domains canceled with 2-hour windows (2022), buying domains when they expire to extort users (2022)…
At the risk of sounding snarky: Lee is one of the most competent IT guys I know. 'Competent' and 'client's domains hosted on GoDaddy' don't go together.
The post mentions email, marketing, and SEO — but it misses the biggest one: you're locked out of every business account, bank, and CRM that uses email-based 2FA on that domain.
"GoDaddy: 'We did absolutely nothing wrong! But we're going to improve our internal processes so we don't do it again.'"
A US-heavy but globally distributed audience. Phones beat desktops 2:1 — what you'd expect when Twitter and Reddit lead the discovery.
For context: anchor.host averages ~2,186 visits per day over the prior 30 days. This single post brought in 3.5× a normal day's site traffic in 20 hours, and accounted for 95% of all traffic to the site during the window.
One blog post about a domain transferred to the wrong customer drove 9,393 visits and 10,544 pageviews in 30 hours — 93% of all traffic to anchor.host during the window, and roughly 4.3× a normal day for the entire site.
Eastern Time. The story slow-rolled on X for hours, then a Hacker News submission lit the fuse and r/sysadmin amplified within minutes.
Hacker News did the heavy lifting — exactly half of all visits — but the long tail of aggregators, Bluesky, Mastodon, even Microsoft Teams and Slack DMs added up. Direct visits (no referrer) were the second-largest source.
More than twenty different sources sent meaningful traffic. A surprising number came from secondary HN aggregators (hckrnews, brutalist.report, hada.io), federated networks (Bluesky, Mastodon), and internal team chat — Slack, Microsoft Teams, and Gmail DMs all show up.
A GoDaddy product manager surfaced in the X replies within hours, and Hacker News quickly stitched together the company's longer history of similar incidents.
Hey @austinginder I read your post. What a nightmare and I'm sorry this happened to your friend. I sent this on to the right person at Godaddy to look into it. I'm sure they will get to the bottom of it and again I'm really sorry this happened.
Relevant (for some reason though it shouldn't be; GoDaddy's track record is that bad): SSL certs issued without validation (2017), JavaScript injection (2019), domains canceled with 2-hour windows (2022), buying domains when they expire to extort users (2022)…
At the risk of sounding snarky: Lee is one of the most competent IT guys I know. 'Competent' and 'client's domains hosted on GoDaddy' don't go together.
The post mentions email, marketing, and SEO — but it misses the biggest one: you're locked out of every business account, bank, and CRM that uses email-based 2FA on that domain.
A US-heavy but globally distributed audience. Phones beat desktops 70/30.
For context: anchor.host averages ~2,186 visits per day over the prior 30 days. This single post brought in 4.3× a normal day's site traffic in 30 hours, and accounted for 93% of all traffic to the site during the window.
One blog post about a domain transferred to the wrong customer drove 10,811 visits and 12,340 pageviews in 45 hours — 92% of all traffic to anchor.host during the window, and roughly 5× a normal day for the entire site.
Eastern Time. The story slow-rolled on X for hours, then a Hacker News submission lit the fuse and r/sysadmin amplified within minutes.
Hacker News did the heavy lifting — about 42% of all visits — but the long tail kept growing as the story spread to Boing Boing, Mastodon, Search Engine Journal, LinkedIn, infosec.exchange, Gigazine, and four different Facebook surfaces. Direct visits (no referrer) nearly tied HN as the post got passed around in Slack/Teams/email DMs and link previews.
Thirty-plus sources sent meaningful traffic. The secondary wave kept growing through day three: Boing Boing republished it, Search Engine Journal and Gigazine (Japan) covered it, LinkedIn and infosec.exchange shared it, Mastodon and Bluesky carried it, and Facebook fanned it out across four surfaces. Slack, Microsoft Teams, and Gmail DMs all show up.
A GoDaddy product manager surfaced in the X replies within hours. Hacker News stitched together the company's longer history of similar incidents. Three days later The Register wrote a follow-up — and its commenters were not gentle.
Hey @austinginder I read your post. What a nightmare and I'm sorry this happened to your friend. I sent this on to the right person at Godaddy to look into it. I'm sure they will get to the bottom of it and again I'm really sorry this happened.
Relevant (for some reason though it shouldn't be; GoDaddy's track record is that bad): SSL certs issued without validation (2017), JavaScript injection (2019), domains canceled with 2-hour windows (2022), buying domains when they expire to extort users (2022)…
At the risk of sounding snarky: Lee is one of the most competent IT guys I know. 'Competent' and 'client's domains hosted on GoDaddy' don't go together.
The post mentions email, marketing, and SEO — but it misses the biggest one: you're locked out of every business account, bank, and CRM that uses email-based 2FA on that domain.
"GoDaddy: 'We did absolutely nothing wrong! But we're going to improve our internal processes so we don't do it again.'"
A US-heavy but globally distributed audience. Phones beat desktops 2:1 — what you'd expect when Twitter and Reddit lead the discovery.
For context: anchor.host averages ~2,186 visits per day over the prior 30 days. This single post brought in 5× a normal day's site traffic in 45 hours, and accounted for 92% of all traffic to the site during the window.
One blog post about a domain transferred to the wrong customer drove 11,830 visits and 13,650 pageviews over 70 hours — 90% of all traffic to anchor.host during the window, and 5× a normal day for the entire site. Three days in, The Register picked it up.
Eastern Time. The story slow-rolled on X for hours, then a Hacker News submission lit the fuse and r/sysadmin amplified within minutes.
Hacker News did the heavy lifting — about 42% of all visits — but the long tail kept growing as the story spread to Boing Boing, Mastodon, Search Engine Journal, LinkedIn, infosec.exchange, Gigazine, and four different Facebook surfaces. Direct visits (no referrer) nearly tied HN as the post got passed around in Slack/Teams/email DMs and link previews.
Thirty-plus sources sent meaningful traffic. The secondary wave kept growing through day three: Boing Boing republished it, Search Engine Journal and Gigazine (Japan) covered it, LinkedIn and infosec.exchange shared it, Mastodon and Bluesky carried it, and Facebook fanned it out across four surfaces. Slack, Microsoft Teams, and Gmail DMs all show up.
A GoDaddy product manager surfaced in the X replies within hours. Hacker News stitched together the company's longer history of similar incidents. Three days later The Register wrote a follow-up — and its commenters were not gentle.
Hey @austinginder I read your post. What a nightmare and I'm sorry this happened to your friend. I sent this on to the right person at Godaddy to look into it. I'm sure they will get to the bottom of it and again I'm really sorry this happened.
Relevant (for some reason though it shouldn't be; GoDaddy's track record is that bad): SSL certs issued without validation (2017), JavaScript injection (2019), domains canceled with 2-hour windows (2022), buying domains when they expire to extort users (2022)…
At the risk of sounding snarky: Lee is one of the most competent IT guys I know. 'Competent' and 'client's domains hosted on GoDaddy' don't go together.
The post mentions email, marketing, and SEO — but it misses the biggest one: you're locked out of every business account, bank, and CRM that uses email-based 2FA on that domain.
"GoDaddy: 'We did absolutely nothing wrong! But we're going to improve our internal processes so we don't do it again.'"
A US-heavy but globally distributed audience. Phones beat desktops 2:1 — what you'd expect when Twitter and Reddit lead the discovery.
For context: anchor.host averages ~2,186 visits per day over the prior 30 days. This single post brought in 5× a normal day's site traffic in 70 hours, accounted for 90% of all traffic to the site during the window — and The Register wrote a follow-up article on day 3.