Domain registrar and web hosting company GoDaddy has informed an undisclosed number of its customers of a recent data breach. Though the security incident took place on 19th October 2019, it went undetected until 23rd April 2020, when the company noticed suspicious activity happening on a subset of its servers.
As a result, the web-hosting account credentials of numerous customers have been compromised.
The spreading of this breach could go far as GoDaddy is the world’s largest domain registrar, managing 77 million domains.
An email confirmed the breach and was filed with the State of California Department of Justice and sent o customers by GoDaddy CISO and vice president of engineering Demetrius Comes. According to Comes, an unauthorised individual gained access to login information used by customers, allowing them to connect to SSH on their hosting account.
Comes described the known impact of the breach as minor in his message to those affected. However, he went on to say that an investigation into the incident was yet to conclude.
“We have no evidence that any files were added or modified on your account,” wrote Comes. “The unauthorized individual has been blocked from our systems, and we continue to investigate potential impact across our environment.”
Comes claims that GoDaddy acted dynamically to keep the impact of the security incident to an absolute minimum.
He wrote: “We have proactively reset your hosting account login information to help prevent any potential unauthorized access; you will need to follow these steps in order to regain access. Out of an abundance of caution, we recommend you conduct an audit of your hosting account.
Comes assured customers that their “main GoDaddy.com customer account, and the information stored within your customer account, was not accessible by this threat actor.”
In addition to offering customers its sincere apologies, GoDaddy is taking steps to sweeten the breach by offering “one year of Website Security Deluxe and Express Malware Removal at no cost.”
Customers were told that GoDaddy’s security team are available on hand to help them in the event of the free service alerting any potential security vulnerabilities on their websites.