GoDaddy disclosed a data breach impacting web hosting account credentials that took place in October 2019
GoDaddy disclosed a data breach impacting web hosting account credentials that took place in October 2019.
GoDaddy
GoDaddy is the world’s largest Internet domain registrar and web hosting company headquartered in Scottsdale, Arizona with approximately 19 million customers and over 9,000 employees worldwide.
What is known about the GoDaddy breach?
“We recently identified suspicious activity on a subset of our servers and immediately began an investigation,” said the company in a data breach notice submitted by the company.
“The investigation found that an unauthorised individual had access to your login information used to connect to SSH on your hosting account. We have no evidence that any files were added or modified on your account. The unauthorised individual has been blocked from our systems, and we continue to investigate potential impact across our environment.”
GoDaddy said the breach did not impact the “main GoDaddy.com customer account” and information within that account was not accessed. The incident affected only their hosting accounts.
The company says that there is no evidence of attackers altering any files on the impacted hosting accounts.
What is SSH?
Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network.
“SSH is used to access an organisation’s most critical assets, so it's vital that organisations stick to the highest security level of SSH access and disable basic credential authentication, and use machine identities instead,” said Yana Blackman, a threat intelligence specialist at Venafi. “this involves implementing strong private-public key cryptography to authenticate a user and a system.”
What are the measures taken by GoDaddy?
In order to prevent any potential unauthorized access to the hosting account, the account login information.
To be on the safer side customers are requested to conduct an audit of their hosting accounts.
GoDaddy team has sent breach notification letters and also offered one year of free Website Security Deluxe and Express Malware Removal services to show that this was not the customer’s fault.
“These services run scans on your website to identify and alert you of any potential security vulnerabilities. With the service, if a problem arises, there is a special way to contact our security team and they will be there to help,” the notification letter reads.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.Y
You may be interested in reading: Private Zoom Video Recordings Exposed Online