GoDaddy Guarantees Data Breach: What 19 Million Customers Need to Know
The world's largest domain registrar, GoDaddy, with 19 million customers, has exposed data breaches that affect the integrity of a web hosting account.
"According to Balling Computer, which broke the news yesterday afternoon, an unknown number of customers have been notified that evidence of their web hosting account has been used."
What is known so far about GoDaddy's data breach?
Confirmation of the data breach, in an email signed by Goadad CISO and VP of Engineering Demetrius Comes, revealed that the alleged security incident came after a suspicious targeting of some GoDaddy servers. The violation itself appears to have occurred on October 19, 2019, according to the California Department of Justice, where a sample email exposition was submitted.
The email notification indicated that when investigating the incident, an "unauthorized person" was found to have access to login information meaning that they could "connect to SSH" at the affected accounts. SSH is an acronym for Security Shell, a network protocol used by system administrators to access remote computers. Ssh, as you can imagine at the time, is a useful invasion spreadsheet that works for hackers. If you want to dig into technical details, then Hackaday has an excellent article on "A terminal program that communicates with a server using encrypted connections".
"GoDaddy's breach underscores the importance of SSH security," said Yana Blachman, a risk management expert at Venafi.
"SSH is used to access the most important assets of an organization, so it is important for organizations to comply with high SSH security standards and to disable basic authentication" says Blachman, " crypto-public or private user authentication with the application. "
GoDaddy accounts affected by the violation?
Importantly, GoDaddy's email stated that infringement is limited to hosting accounts and does not include customer accounts or personal information stored on them. He also pointed out that no evidence was found to show that the files were modified or added to the accounts affected, but did not say whether those files were archived or copied. However, all the accounts of the affected accounts have been reset, and the email contained a procedure that consumers should have to retrieve associated hosting accounts. GoDaddy also recommended, as a "protection", for users to check their host accounts.
However, the investigation into the incident is far from over. While the attacker was "locked out of our systems," the email said, it also said that GoDaddy continued to experience the potential impact on their environment. Details are scarce, at this stage, beyond what I have described. I contacted GoDaddy about how many accounts were affected and will update this article once I have officially replied.
GoDaddy will provide free security services to those affected?
Meanwhile, GoDaddy said it would provide a full year of security and malware removal services to affected customers, and expressed "remorse for the incident."
This is the second important GoDaddy security incident reported in a few weeks. On March 31, former Washington Post reporter Brian Krebs explained how a GoDaddy employee was "a victim of a phishing attack," leading to a crackdown on a small number of customers from the GoDaddy domain.
GoDaddy releases an official statement detailing the number of accounts affected in this violation
I now received news from the GoDaddy platform with the following statement confirming the total number of accounts affected and the date the company saw the official engagement:
Hello to all readers if you read all of my articles then kindly suggest me any changes in the article.If found unnecessarily. Feel free to write down a comment.
Thanks in advance