GoDaddy has confirmed that thousands of web hosting accounts were breached by an unauthorised individual almost seven months ago.
GoDaddy is the world’s largest domain name registrar, managing 77 million domains and serving roughly 19 million customers around the world.
The data breach notice was filed with the State of California Department of Justice and sent to customers by email on May 4. It was signed by Demetrius Comes, CISO & VP of Engineering at GoDaddy.
According to Comes, an unauthorised individual had gained access to the login information that customers used to connect to SSH on their hosting accounts. For those unaware, Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network.
While the breach took place in October 2019, it was only discovered on April 23 when GoDaddy noticed some suspicious activity occurring on a subset of its servers.
Comes said that the unauthorized person has been blocked from GoDaddy’s systems and that the company has no evidence that any files were added or modified on the compromised accounts.
“This incident is limited in scope to your hosting account. Your main GoDaddy.com customer account and the information stored within your customer account was not accessible by this threat actor,” he added.
Comes said that the company is currently investigating the potential impact of the breach across its environment. Meanwhile, GoDaddy has proactively reset customers’ hosting account login information to help prevent any potential unauthorized access. As a precautionary measure, GoDaddy has also recommended that its users conduct an audit of their hosting accounts.
“We apologize for any inconvenience this may have caused. We have already taken and will continue to take measures to enhance our security in light of this incident,” Comes added.
To offset the incident, GoDaddy will be offering one year of Website Security Deluxe and Express Malware Removal to its affected customers at no cost.
These services will help them run scans on their websites to identify, and alert them to, any potential security vulnerabilities. Further, if any problem arises with the free service, GoDaddy’s security team would be on hand to help customers.