GoDaddy Confirms Data Breach Involving SSH Access on Hosting Accounts

GoDaddy Confirms Data Breach: What Clients Need To Know
Share It On:

Kathmandu, May 6th, 2020

The world’s largest domain registrar, GoDaddy, confirmed a data breach that started in October 2019.

The Scottsdale, Ariz.-based domain registrar giant manages more than 19 million customers and 77 million domains. It is warning customers about the data breach impacting their web hosting account credentials.

‘We blocked the unauthorized individual responsible for the breach.’ states GoDaddy. They further stated that the company is continuing investigation on the potential impact on their environment.

The company said that the breach only affected hosting accounts. That means general GoDaddy.com’s customer accounts are safe. There was also no effect on the customer data in the main accounts.

What we know on the GoDaddy Data Breach

The confirmation of the data breach reveals that the security incident in question came to light after a recent identification of suspicious activity on some GoDaddy servers. The breach itself appears to have occurred on October 19, 2019.

During the investigation, they found that an “unauthorized individual” had gained access to login credentials. This meant that they could “connect to SSH” on the affected hosting accounts.

Why SSH is so critical

SSH is an acronym for secure shell, a network protocol, and a software suite used for securely transmitting data. Privileged users such as system administrators and application developers use SSH for secure interactive and remote access.

Yana Blachman, a threat intelligence specialist at Venafi emphasizes the importance of SSH security underlining the GoDaddy data breach.

He also highlights that SSH is used to access an organization’s most critical assets. Also, it is vital that organizations stick to the highest security level of SSH access and disable basic credential authentication. He recommends the use of machine identities instead.

During the incident, as Freelance CEO Matt Barrie stated, their security team managed to talk to the hacker on the phone. For over an hour the hacker attempted to convince what he thought were domain registry operations to regain access to the account.

The hacker had unlawfully accessed GoDaddy’s registrar’s internal support systems and was using them to make changes on Escrow.com’s account.

Which GoDaddy accounts are affected?

The GoDaddy email says the breach affected only the hosting accounts and did not involve customer accounts or the personal information stored within them.

However, the company has reset all impacted hosting account logins. And, the email contained the procedure customers need to follow to regain access to the hosting accounts concerned.

GoDaddy to provide free security services

GoDaddy has said it will provide complimentary years’ worth of security and malware removal services for those customers affected, and has expressed “regret this incident occurred.”

The domain giant also recommended that customers should audit their hosting accounts.


Share It On:

Recent Posts

Citizens Bank 11.11 Deals: Exclusive Discounts on Daraz

Citizens Bank 11.11 Deals: Exclusive Discounts on Daraz

Share It On:5th November 2024, Kathmandu Citizens Bank International Limited signed an agreement with Nepal’s leading online marketplace, Daraz, to

Local Talent Shines in Cybersecurity: Bipu Ojha and Tuan Khuat Win CDU IT CodeFair CTF

Local Talent Shines in Cybersecurity: Bipu Ojha and Tuan Khuat

Share It On:5th November 2024, Kathmandu Bipu Ojha and his teammate Tuan Khuat have emerged as winners in the prestigious

CEDB Hydropower’s Extraordinary General Meeting Concluded: Five Directors Elected

CEDB Hydropower’s Extraordinary General Meeting Concluded: Five Directors Elected

Share It On: 5th November 2024, Kathmandu CEDB Hydropower Development Company Limited has successfully concluded its extraordinary general meeting. CEDB

Government’s Journalist Accident Insurance Program: Apply Now For Your Protection

Government’s Journalist Accident Insurance Program: Apply Now For Your Protection

Share It On: 5th November, Kathmandu The Department of Information and Broadcasting has announced the launch of a new insurance

Nepal Life’s Property Acquisition in Hetauda: A Strategic Move For Growth

Nepal Life’s Property Acquisition in Hetauda: A Strategic Move For

Share It On:5th November, Kathmandu Nepal Life Insurance, a leading life insurance company in Nepal, has recently expanded its footprint

Global IME Dividend Announcement: Key Book Closure Date Revealed

Global IME Dividend Announcement: Key Book Closure Date Revealed

Share It On:5th November 2024, Kathmandu Global IME Bank has good news for its shareholders! The bank has announced a