GoDaddy Suffers Data Breach

Domain registrar and web-hosting company GoDaddy has notified an undisclosed number of its 19 million customers of a data breach.

The security incident took place on October 19, 2019, but went undetected until April 23, 2020, when GoDaddy noticed some suspicious activity occurring on a subset of its servers. 

As a result of the episode, the web-hosting account credentials of an unknown number of customers have been compromised.

The impact of the breach could be far-reaching since GoDaddy is the world's largest domain registrar, managing 77 million domains. 

The breach was confirmed in an email filed with the State of California Department of Justice and sent out to customers by GoDaddy CISO and vice president of engineering Demetrius Comes. According to Comes, an unauthorized individual accessed login information used by customers to connect to SSH (secure shell) on their hosting account. 

In his message to affected customers, Comes described the known impact of the breach as minor, but said that an investigation into the incident had not yet reached a conclusion. 

"We have no evidence that any files were added or modified on your account," wrote Comes. "The unauthorized individual has been blocked from our systems, and we continue to investigate potential impact across our environment."

According to Comes, GoDaddy acted dynamically to minimize the impact of the security incident.

He wrote: "We have proactively reset your hosting account login information to help prevent any potential unauthorized access; you will need to follow these steps in order to regain access. Out of an abundance of caution, we recommend you conduct an audit of your hosting account."

Comes assured customers that that their "main GoDaddy.com customer account, and the information stored within your customer account, was not accessible by this threat actor."

In addition to offering customers its sincere apologies, GoDaddy is taking steps to sweeten the breach by offering "one year of Website Security Deluxe and Express Malware Removal at no cost."

Comes told customers that GoDaddy's security team would be on hand to help them should the free service throw up alerts of any potential security vulnerabilities on their websites. 

What’s hot on Infosecurity Magazine?