The world’s largest domain registrar, Go Daddy has disclosed a data breach impacting web hosting account credentials. They had almost 19 million customers.GoDaddy Data Breach was confirmed through an email notifications.
This registrar is quite popular among all with more than 77 million domains managed and millions of websites hosted from 19 million customers.
According to Bleeping Computer, which broke the news yesterday evening, an as yet unknown number of customers have been informed that their web hosting account credentials had been compromised.
What is known so far about the GoDaddy data breach?
The email signed by GoDaddy CISO and Vice-president of engineering, Demetrius reveals that the security and data breaching incidents came to limelight after the suspicious activities were detected in the GoDaddy servers.
According to the State of California Department of Justice, data breaching recently were identified on October 19, 2019, and then the disclosure notification email sample was filed.
The email notification stated that when the incident was investigated it is seen that “unauthorized individual” had gained access to login credentials that meant they could “connect to Secure Shell(SSH)” on the affected hosting accounts.
“The GoDaddy breach underlines just how important SSH security is,” Yana Blachman, a threat intelligence specialist at Venafi, said.
“SSH is used to access an organization’s most critical assets, so it’s vital that organizations stick to the highest security level of SSH access and disable basic credential authentication, and use machine identities instead,” Blachman said, “this involves implementing strong private-public key cryptography to authenticate a user and a system.
Which GoDaddy accounts are affected by the breach?
GoDaddy email said that the data breaching is only limited to the web hosting accounts and luckily customer accounts were not involved here.
There is no evidence that any files or data have been modified but however, it is proved that the files had been viewed or copied.
So, all the impacted hosting accounts login credentials have been successfully reset.
Godaddy also emailed everyone about the further cautions and needed precautions and procedures to follow in order to regain the hosting accounts.
They suggested users audit their hosting accounts.
GoDaddy to provide free security services to those affected
“We will provide a complimentary years’ worth of security and malware removal services for those customers affected, and express “regret this incident occurred.”