GoDaddy Confirms Data Breach – 28000 Customers Affected

GoDaddy, one of the most famous domain registrar and hosting companies out there, have notified its customers about security issues and data leakage they have experienced:

The media have reported that the problem affected all 19 million customers of the company, and the incident took place in the fall of 2019. However, The Register reports that this is not quite the case. According to the publication, what happened in October 2019 has nothing to do with the current incident, while other media reports that the initial compromise took place eight months ago. So, it could be an absolutely new security breach of the affected GoDaddy servers.

Back to the facts, on April 23, 2020, GoDaddy employees discovered suspicious activity: usernames and passwords were compromised, as attackers made changes to the SSH file in GoDaddy infrastructure. In total, this problem affected approximately 28,000 customers (not 19,000,000, as some have suggested). But it was easy to make this mistake because not all the data breach-related facts have been released yet.

Troy Hunt from haveibeenpwned.com

GoDaddy experts claim that they have already reset all affected usernames and passwords, got rid of the deliberately damaged SSH file, and have not yet found any traces that the attackers used the “leaked” credentials and changed anything. The company emphasized that it did not find evidence that during the incident any files were added or changed (however, nothing was said about viewing and downloading files).

It is emphasized that the attackers did not have access to the main customer accounts on GoDaddy.com, the incident affected only hosting accounts, however, experts still recommend that victims change their passwords everywhere. And if you still need a domain name, check out Namecheap, one of the more reliable registrars out there.

Johnny McKinsey
Follow me

5 thoughts on “GoDaddy Confirms Data Breach – 28000 Customers Affected”

  1. I call them yesterday after receiving the email. AND the did not had the DECENCY of informing me of that. I’ve find it weird that they transfer me a 2nd time to another representative, a guy called Antonio, and Antonio just played dumb, and “kinda” advised me to change all my passwords: “better safe than sorry” he said.

    Well, this is not how I do business, I enjoy clarity, transparency and honesty. And simply hate murky behavior. Because of that, this is my last period with them. I’ll migrate EVERY customer I have out of GoDaddy. This shadow behaviors is unacceptable.

    Being hacked, hey ok. It happens to us all one tome or another, specially on big infrastructures. Hiding and playing dumb, NOT OK! So goodbye… GO… DADDY GO AWAY.

    Reply
  2. GoDaddy have angered a lot of people after their attack on the First Amendment. It is no surprise that someone hacked them, and those that still support them.

    Reply
  3. Exceptional post however , I was wanting to know if you could write a litte more on this topic?
    I’d be very grateful if you could elaborate a little bit more.
    Thank you!

    Reply
  4. I was reading this and i realy found what i was looking for your article is really informative and i’ll be grɑteful if ʏou keep writing in the future.

    Reply

Leave a Reply to Glenn Cancel reply