28,000 GoDaddy hosting accounts breached
One of the leading world domain registrars notified its customers about an attack affecting 28,000 accounts.
According to GoDaddy’s statement, the intrusion happened back in October 2019, when an “unauthorized individual” compromised the SSH usernames and passwords of some customers. GoDaddy claims that the incident affected only hosting accounts, not customers’ main accounts or personal information. The company has proactively reset logins and passwords of all affected hosting accounts.
The company noticed suspicious activities on some of its servers and reported the breach to officials in April 2020. About 28,000 accounts out of GoDaddy’s 19 million customers were affected. The company states that it hasn’t yet found any signs that the attackers modified or removed any files on the compromised accounts. Investigation of the case is ongoing.
What to do:
- Affected customers should have already received an e-mail from GoDaddy with details about the incident and instructions on regaining access. GoDaddy claims passwords for the affected accounts were reset, however, all customers are advised to conduct an audit of their hosting account.
- GoDaddy is providing one year of its Website Security Deluxe and Express Malware Removal services for affected customers. These services allow you to scan your website for potential vulnerabilities.