GoDaddy Warns Customers Of Password Breach

Web hosting company GoDaddy has warned of a data breach that affected clients’ SSH accounts.

The company said it had detected suspicious activity on some of its clients’ servers on 19 October of last year.

It notified the clients that were affected and also informed authorities in California of the breach.

The attackers did not obtain the credentials used to log into clients’ main GoDaddy accounts, but were able to access websites via Secure Shell (SSH), which allows users to carry out operations such as executing commands and manipulating files.

SSH access

“The investigation found that an unauthorised individual had access to your login information used to connect to SSH on your hosting account,” GoDaddy said in a notice sent to affected customers and filed with regulators.

It said it had “no evidence” that files had been “added or modified” on affected accounts.

“This incident is limited in scope to your hosting account,” GoDaddy stated in the notice.  “Your main GoDaddy.com customer account, and the information stored within your customer account, was not accessible by this threat actor.

“The unauthorised individual has been blocked from our systems, and we continue to investigate potential impact across our environment.”

GoDaddy didn’t indicate whether files may have been viewed or stolen, and gave no details as to how the breach may have occurred.

Security breach

The company said it had reset the affected customers’ passwords and offered them free website security and malware removal services for a year.

The firm advised users to audit their hosting accounts.

The Arizona-based firm is the world’s largest domain registrar and provides hosting services to about 19 million people around the world.

Last April GoDaddy shut down more than 15,000 subdomains hosted on its customers’ sites that were used by scammers to sell products such as brain-enhancement pills and miracle weight-loss drugs.

The domains were created by spammers as a way of circumventing spam blacklists, according to researchers at Palto Alto Networks.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Boeing Starliner Launches Successfully, On Route To International Space Station

Boeing's crewless space taxi, CST-100 Starliner, one step closer to NASA certification, as it enters…

1 day ago

Apple Accused By Union Of Staff Law Violations At NY Store

Staff at Apple's World Trade Centre store in New York are allegedly being questioned and…

2 days ago

Canada To Join Five Eyes 5G Ban On Huawei/ZTE

Making it official. Canada is to turn its unofficial ban on 5G kit from Huawei…

2 days ago

Twitter To Hide Tweets That Share False Information During A Crisis

Potentially risking Elon's wrath over free speech, Twitter says it will hide tweets spreading misinformation…

2 days ago

Boeing Starliner Test Flight Readied For Tonight

Third time the charm? Main rival to SpaceX's Dragon capsule, the embattled Boeing Starliner spacecraft,…

2 days ago

September 13 Slated For iPhone 14 Launch – Report

No surprise there. Apple is slated to launch the iPhone 14 on 13 September according…

2 days ago