GoDaddy reported about a data breach that occurred in October last year, stating that an unauthorized person managed to access SSH accounts used in its hosting environment.
GoDaddy, having more than 19 million customers, manages 77 million domains and millions of hosted websites. The number of customers affected by the breach is not known at present.
The data breach came to light after suspicious activity was recently identified on some GoDaddy servers.
The company stated that no evidence of any files added or modified on the accounts is available even though they did not mention about the files being viewed and exfiltrated.
They have blocked the unauthorized person from their systems and have started conducting investigations to determine the potential impact across their environment.
The company however reported that the data breach did not affect the “main GoDaddy.com customer account” and any information within that account was not accessed.
The breach is limited only to hosting accounts and did not involve customer accounts or the personal information stored within them.
All the passwords have been reset and the company has sent out email explaining the procedure which the customers have to follow to regain access to the hosting accounts concerned.
The company also assured that they would provide all the affected customers with a year of its website security and malware removal service for free.
These services scan the website to find and alert the user if any potential security vulnerabilities are present. In case of any issue, the user can contact their security team for help.
GoDaddy also recommends the users to audit their hosting accounts as a precautionary measure.