
Yes, did you? The attacker got PayPal to give up the last 4 digits of the victim's credit card number. Then he called GoDaddy, which allowed him to verify his identity by giving them the last 4 of his credit card number, though the attacker said they would have let him guess multiple times.

If GoDaddy accepted Bitcoin, PayPal wouldn't even be involved, and GoDaddy, instead of asking for information which is apparently easily pilfered, could have requested the caller sign a message with their private Bitcoin key corresponding to the public key from which they paid GoDaddy for the domain services to begin with.



> If GoDaddy accepted Bitcoin PayPal wouldn't even be involved and GoDaddy instead of asking for information which is apparently easily pilfered could have requested the caller sign a message with their private key

If GoDaddy separated authentication of requests from payment information and had any of a wide number of different authentication methods, this wouldn't have been an issue, either. Using PayPal -- or accepting credit card payments by other means -- does not imply (or normally involve) using the last four digits of CC number as if it were a PIN for authentication. (In fact, since CC numbers are widely exposed information, doing so is insane -- especially the last four digits, which are frequently used without the rest as a reference to identify a credit card to the owner of the card in contexts like receipts where the information is expected to be particularly public.)

Payment methods are really largely irrelevant here; GoDaddy could easily have adopted an equally stupid and brain-dead authentication method if they took bitcoin as payment.
