Finally, Godaddy opens up on the data breach which impacts the web hosting accounts security that happens between October 2019.
Talking about Godaddy
Godaddy is the world’s largest Internet domain registrar and the web hosting company the main headquarter is in Scottsdale, Arizona which is approximately 19 million customers and worldwide total employee connected with the organization is around 9,000
Let’s take a look at the data breach
As the whole scenario came from the company is that they identified the suspicious activity on a subset of the server. The investigation found that an unauthorized individual has access to your login information which is used to connect the SSH on your hosting accounts. After that, the unauthorized user has been blocked by the systems and we can continue the investigation potential which impacts the across our environment.
As per information, it was cleared that the attacks the hosting accounts but not affect the main website user credentials and information is safe.
SSH
SSH is a secure shell which is a cryptographic network protocol for the operating network services
Securely over an unsecured network. Basically SSH is used to access an organization’s most critical assets, organizations stick to the highest security level of SSH access and disable basic credentials authentication and use the machine identities. A threat intelligence specialist of venafi said that the implementation of the strong private-public key to authenticate a user and a system.
What are the measures taken by GoDaddy?
In the process of precaution to avoid unauthorization access to the hosting account with login information. For the safer side, the customers are requested to conduct an audit for their hosting accounts. Godaddy team has sent the breach notification letter and offered one year of free website security deluxe and express malware removal services to show this was not the customer’s fault.
Godaddy runs the scans on your website to identify and alert you of any potential vulnerabilities. If a special way to contact our security team and they will be there to help that all mentioned in the notification letter.