GoDaddy has recently been seen sending notices to their consumers alerting them of a security breach in their hosting. The breach has been described by GoDaddy as a hacker gaining the log-in information of customers, meaning the individual may have been able to change or upload website files.
This breach in security supposedly occurred back in October of 2019, but was not reported until six months later on the 3rd of May this year.
‘SSH’, known as ‘Secure Shell’, is a security protocol used to both upload and change files, as well as execute commands on a server. If a hacker is able to gain SSH access, the website becomes compromised. Typically, only admins should hold SSH access to a site.
GoDaddy have stated that SSH was first compromised back in October 2019 but was not discovered until April 2020, however, no further information has been disclosed by the company. Detail of what this vulnerability involved, as well as whether this was a new breach or the one from October 2019 as mentioned above, has not been disclosed by the company. GoDaddy also gave no indication as to whether any of their websites were impacted by the breach, however, per an article published by Threadpost, the security breach has been reported to have affected 28,000 hosting accounts.
GoDaddy sent out emails to all of their impacted customers, letting them know their account passwords had been changed. However, the company gave no indication to consumers as to whether any websites had actually been hacked as a result of the security breach, instead stating in their customer emails that ‘suspicious activity’ had been detected across their servers. The email that was sent out to customers by GoDaddy can be seen here.