GoDaddy Hack Breaches Hosting Account Credentials

“On April 23, 2020, we identified SSH usernames and passwords had been compromised by an unauthorized individual in our hosting environment,” a spokesperson told Threatpost. “This affected approximately 28,000 customers. We immediately reset these usernames and passwords, removed an authorized SSH file from our platform, and have no indication the individual used our customers’ credentials or modified any customer hosting accounts. The individual did not have access to customers’ main GoDaddy accounts.”

Meanwhile, “we recently identified suspicious activity on a subset of our servers and immediately began an investigation,” the company said in a data-breach notice filed with the California Attorney General, obtained by media. “The investigation found that an unauthorized individual had access to your login information used to connect to SSH on your hosting account. We have no evidence that any files were added or modified on your account. The unauthorized individual has been blocked from our systems, and we continue to investigate potential impact across our environment.”

https://threatpost.com/godaddy-hack-breaches-hosting-account-credentials/155475/

I thought there security was always bad.

Thanked by (2)comi someTom

Comments

  • I used to have a free hosting account with Godaddy for some years. I guess it came with a domain promotion, one day it was suddenly in my account. The performance was ok, but I repeatedly found strange files like kdjswdkldfv.php in my webroot directory (with some malware in them), which never happened to me at other hosts. So I agree, security was never a priority for them.

  • This is exactly why one should always do fresh installs via Install Media and don't use pre-built setups (unless it's for quick testing). Additionally never keep the passwords the same as what's provided during sign up nor use the same ones for the control panel as for the VMs.

    Obviously if someone gets control of the panel they can shut down the server or remake it but it'll make it much harder for them to access the actual VM.

    Oh and backups. backups are important of course ;)

Sign In or Register to comment.