Web hosting provider and domain registrar GoDaddy was recently affected by a data breach that compromised the account details of around 28,000 customers. In a Submitted Breach Notification to the California Attorney General’s office, GoDaddy disclosed that the suspicious activity was observed on some of its servers on Oct. 19, 2019. GoDaddy discovered in an investigation on April 23, 2020, that the usernames and passwords had been compromised by an unauthorized individual in ther hosting environment by an unauthorized individual who had gained access to the login credentials of customers who use SSH (Secure Shell) to connect to their hosting accounts.
SSH offers a secure platform to work with remote systems and help users transfer files to the hosting. In its notification, the company clarified that it found no evidence for any file modification/removal by during the unauthorized activity. Godaddy has blocked the identified person from accessing GoDaddy’s systems after the incident.
GoDaddy advised customers to conduct an audit of their hosting accounts adding that the company will provide affected users with a free year of Website Security Deluxe and Express Malware Removal, services that scan their websites for any potential security issues.
Immediate Action
If your hosting account has been impacted by this breach and have not already been notified by GoDaddy, you will likely be notified in the near future. They strongly recommend changing your hosting password/website’s database password, as this could have easily been stolen by the attacker.