GoDaddy admits it fell victim to data breach in October

An unauthorised third-party gained access to login information used to connect to SSH protocol on hosting accounts

Web hosting giant GoDaddy has informed customers of a security incident involving an unauthorised third-party who may have had access to users’ login information used to connect SSH to their hosting account.

The SSH protocol, also known as Secure Shell, is a method for secure remote login from one computer to another. It provides serval alternative options for strong authentication, and protects the communications security and integrity with strong encryption.

GoDaddy reported the data breach to Californian regulators after learning that an unauthorised individual was able to access SSH accounts used in its hosting environment in October 2019.

GoDaddy said it identified suspicious activity on a subset of its servers and began investigating. This process found that an unauthorised individual had access to login information used to connect to SSH on users’ hosting accounts.

Although the investigation regarding the potential impact of the breach is ongoing, there’s so far no evidence that any files were modified on users’ accounts. Moreover, the unauthorised individual has been blocked from GoDaddy systems.

“This incident is limited in scope to your hosting account,” the firm’s Demetrius Comes wrote. “Your main GoDadd.com customer account and the information stored within your customer account was not accessible by this threat actor.” 

GoDaddy has apologised to its customers for any inconvenience this may have caused, and is offering a full year of Website Security Deluxe and Express Malware Removal at no cost.

“These services run scans on your website to identify and alert you of any potential security vulnerabilities,” Comes added. “With this service, if a problem arises, there is a special way to contact our security team and they will be there to help.”

GoDaddy is the leading web hosting provider, according to Datanyze, with a 16.6% market share and more than 1.4 million registered domains, followed by UnitedLayer and Amazon Web Services (AWS) web hosting. 

The service also encountered a security issue in January last year, regarding a vulnerability in the way it handles domain name server (DNS) change requests. According to a cyber security researcher, the flaw allowed hackers to hijack domains and create two disruptive spam email campaigns. 

Featured Resources

The ultimate guide to business connectivity in field services

A roadmap to increased workplace efficiency

Free download

The definitive guide to migrating to the cloud

Migrate apps to the public cloud with multi-cloud infrastructure solutions

Free download

Transform your network with advanced load balancing from VMware

How to modernise load balancing to enable digital transformation

Free download

How to secure workloads in hybrid clouds

Cloud workload protection

Free download

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021
ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

17 Sep 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

17 Sep 2021