{"id":864,"date":"2020-05-09T02:55:05","date_gmt":"2020-05-09T01:55:05","guid":{"rendered":"http:\/\/zerothcode.com\/blog\/?p=864"},"modified":"2020-10-08T05:34:12","modified_gmt":"2020-10-08T04:34:12","slug":"godaddy-confirms-data-breach-customers-hosting-accounts-hacked","status":"publish","type":"post","link":"https:\/\/zerothcode.com\/blog\/godaddy-confirms-data-breach-customers-hosting-accounts-hacked\/","title":{"rendered":"GoDaddy Confirms Data Breach \u2013 Customers Hosting Accounts Hacked"},"content":{"rendered":"<ul>\n<li>\n<h4>GoDaddy Data Breach \u2013 Hosting Account Compromises.<\/h4>\n<\/li>\n<li>\n<h4>SSH Login Credentials have\u00a0accessed\u00a0unauthorized.<\/h4>\n<\/li>\n<li>\n<h4>The Company advises auditing your Hosting account.<\/h4>\n<\/li>\n<\/ul>\n<p>Godaddy is an American Internet domain registrar and web hosting company. GoDaddy has approximately 19 million customers worldwide. The company official confirms 28,000 users compromised.<\/p>\n<p>According to GoDaddy\u00a0statement,<\/p>\n<p>\u201cWe need to inform you of a security incident impacting your GoDaddy web hosting account credentials.\u00a0We recently identified suspicious activity on a subset of our servers and immediately began an investigation. The investigation found that an unauthorized individual had access to your login information used to connect to SSH on your hosting account.\u201d<\/p>\n<p>\u201cWe have no evidence that any files were added or modified on your account. The unauthorized individual has been blocked from our systems, and we continue to investigate potential impact across our environment.\u201d<\/p>\n<p>\u201cWe have proactively reset your hosting account login information to help prevent any potential unauthorized access, you will need to follow these steps in order to regain access. Out of an abundance of caution,\u00a0<strong>we recommend you conduct an audit of your hosting account.\u201d<\/strong><\/p>\n<h3>GoDaddy Apologize<\/h3>\n<blockquote><p><em>Again, we apologize for any inconvenience this may have caused. We have already taken and will continue to take measures to enhance our security in light of this incident.<\/em><\/p><\/blockquote>\n<p>\u201cOn April 23, 2020, we identified SSH usernames and passwords had been compromised by an unauthorized individual in our hosting environment. This affected approximately\u00a0<strong>28,000 customers<\/strong>.<\/p>\n<p>We immediately reset these usernames and passwords, removed an authorized SSH file from our platform, and have no indication the individual used our customers\u2019 credentials or modified any customer hosting accounts. The individual did not have access to customers\u2019 main GoDaddy accounts.\u201d<\/p>\n<p><strong>Secure Shell (SSH)<\/strong>\u00a0is a\u00a0<a href=\"https:\/\/hackersonlineclub.com\/cryptography\/\" target=\"_blank\" rel=\"noopener noreferrer\">cryptographic network<\/a>\u00a0protocol for operating network services securely over an unsecured network.[1] Typical applications include remote command-line, login, and remote command execution, but any network service can be secured with SSH.<\/p>\n<p>SSH provides a secure channel over an unsecured network by using a client\u2013server architecture, connecting an SSH client application with an SSH server.<\/p>\n<p>\u201cIt\u2019s unclear whether GoDaddy\u2019s reported incident was because of the re-use of previously stolen credentials or from brute-force attacks,\u201d Matt Walmsley, EMEA director at security company Vectra, told\u00a0TechRepublic. \u201cThere have also been recent reports of GoDaddy\u2019s support employees being successfully phished, which might be connected.<\/p>\n<p>Regardless of how the unauthorized access was gained, it\u2019s a sharp reminder that the monitoring of how privileged credentials are used, not just granted, can make the difference between detecting an active attack and being blissfully ignorant to a breach.\u201d<\/p>\n<p>Customers need to follow security guideline to protect their server accounts.<\/p>\n<h3>How To keep Protect?<\/h3>\n<ul>\n<li>Create a Unique Password and change it periodically.<\/li>\n<li>Use Two-Factor Authentication<\/li>\n<li>Do not click unknown link through E-mail or SMS.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>GoDaddy Data Breach \u2013 Hosting Account Compromises. SSH Login Credentials have\u00a0accessed\u00a0unauthorized. The Company advises auditing your Hosting account. Godaddy is<\/p>\n","protected":false},"author":1,"featured_media":865,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[37],"tags":[],"yst_prominent_words":[238,1188,422,457,1190,1187,1181,1178,1191,1192,1184,176,260,1182,1189,1185,1179,1186,1180,1183],"class_list":["post-864","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hackers-news"],"_links":{"self":[{"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/posts\/864","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/comments?post=864"}],"version-history":[{"count":0,"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/posts\/864\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/media\/865"}],"wp:attachment":[{"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/media?parent=864"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/categories?post=864"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/tags?post=864"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https:\/\/zerothcode.com\/blog\/wp-json\/wp\/v2\/yst_prominent_words?post=864"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}