GoDaddy breach found after 6 months

Security Breach
GoDaddy, the largest hosting company in the world, announced on the 23th April 2020 that their security was breached on the 19th October 2019.
The public announcement from GoDaddy reads:
“On April 23, 2020, we identified SSH usernames and passwords had been compromised by an unauthorized individual in our hosting environment. This affected approximately 28,000 customers. We immediately reset these usernames and passwords, removed an authorized SSH file from our platform, and have no indication the individual used our customers’ credentials or modified any customer hosting accounts. The individual did not have access to customers’ main GoDaddy accounts.”
If you have been affected by this breach, you would probably already been notified or will be notified soon. There are several issues with this breach. Firstly, it can be presumed that the breach affected their main operation and not one of the other companies that they own. They own the hosteurope group of hosting companies which they bought in 2017. Host Europe includes: Heart Internet, Mesh Digital Host Europe, Webfusion, Red Coruna and Domainbox. GoDaddy has also bought up many other companies. Any of these could have been in the breach but it appears that only the main brand that is affected.
What happened
It appears that someone managed to get their certificate in to a server. This allowed them to have access to everyones files on the server even if the affected client changed their password.
How does this affect the server
There are generally two ways to authenticate to the SSH server, through either username and password or username and certificate (private/public key). Using a certificate is very secure and the recommended way to connect as it doesn’t require the exchange of a password but uses the robist public key technology to authenticate you. In this case the attacker managed to get their certificate installed on teh server and granted access to every account on the server.
What have they done to fix it
GoDaddy said that they have removed the certificate and that there is no evidence that anything malicious had happened. That being said they did not notice that there was a problem for nearly seven months.
Alternatives
We can help if you have been negatively affected by this experiance. Get your account in the CritchCorp Computers Ltd Store. If you prefer friendly, personal assistance with your website then we can help.
Keep Safe
CrichCorp
Comment (35)
Brighton| 6 September, 2020
Thanks for every other wonderful article. Where else may anybody get that kind of information in such an ideal approach of writing? I’ve a presentation subsequent week, and I am at the search for such info.
https://www.blogexpander.com/
CritchCorp| 18 September, 2020
You could also try yournews.website. I think you will find them very useful for many things.
Keep Safe
CritchCorp Support.
Jamesvog| 1 September, 2020
This happens to many companies, it is not just them. We should not pick on a company just because they are successful
CritchCorp| 3 September, 2020
Thanks for your comments, everyone is entitled to their own opinion.
We don’t think that it should take them that long to find the breach, but yes our opinion could be skewed by our past dealings with them.
George Voilk| 29 August, 2020
Yet more hacked sites. What happens to all their customers sites?
CritchCorp| 18 September, 2020
Hi George,
Thanks for the comments, it appears that their custoemr sites were not at risk in this case.
Keep Safe
CritchCorp Support.
Oscar Gef| 29 August, 2020
I have always hated them and always will
Oscar
CritchCorp| 18 September, 2020
Thanks for your comments Oscar.
Keep Safe
CritchCorp Support.
Jeremy sype| 29 August, 2020
Somone else said it, we can’t go bashing them for this. I have used them for year and never had a problem.
Jeremy
CritchCorp| 18 September, 2020
Thank you Jeremy for your comments, I think there have been other people who are defending them. We are just reporting the facts and respect your opinion on them. We of course have a very different opinion to yours.
Keep Safe
critchCorp Support.
Brian Tug| 29 August, 2020
Sad news.
Michael| 29 August, 2020
Where do you read about this, where can I find out more about it.
CritchCorp| 18 September, 2020
You will probably be able to find out more in the GoDaddy corporate blog or by contacting them directly.
Keep Safe
CritchCorp Support.
Michael| 29 August, 2020
I think my site was hacked because of this. Can I take action against them?
Thanks.
CritchCorp| 18 September, 2020
Probably not but you should consult with a legal professional.
Keep Safe
critchCorp Support.
Samuel Plogy| 28 August, 2020
Thank you for reporting this, I don’t remember seeing it on the news.
CritchCorp| 18 September, 2020
They are so common these days that ther rarely make the main stream news these days.
Keep Safe
Support.
Timothy Lewis| 27 August, 2020
GoDaddy breach found after 6 months | CritchCorp Computers Ltd
This seems to happen a lot these days.
CritchCorp| 28 August, 2020
Hello Timothy,
Yes, it does seem to happen a lot and it actually happens a lot more than we know about as most breaches don’t make the headlines.
Keep Safe
CritchCorp Support
WilliamCew| 22 August, 2020
great content, please provide some more.
CritchCorp| 22 August, 2020
We try our best to keep you up to date.
Keep Safe
CritchCorp Support
Libby| 21 August, 2020
It’s an awesome post designed for all the internet visitors; they will obtain benefit from it I
am sure.
CritchCorp| 21 August, 2020
Thank you, we do try.
Keep Safe
CritchCorp Support
David suels| 21 August, 2020
Great site, thanks for this info. I can show this to my boss so he can move our site from them.
CritchCorp| 22 August, 2020
Hi David,
Great idea, don’t forget to check our specials page to help you to make the discussion to move to our services.
Laverne Dag| 21 August, 2020
Great site, thanks fro the info.
CritchCorp| 22 August, 2020
Hi Laverne,
You are most welcome, please come again soon.
Keep Safe
CritchCorp Support.
Robert Vonna| 20 August, 2020
Why did it take such a big company so long to find out about this?
Ambrose| 20 August, 2020
Pretty nice post. I just stumbled upon your blog and wished to
say that I have really enjoyed surfing around your blog posts.
After all I will be subscribing to your feed and I hope you write again very soon!
Stevemes| 19 August, 2020
great things you write abut her
izuatew| 8 August, 2020
Does anyone know where I can move my WordPress site to. I want to get out of godaddy hosting.
CritchCorp| 13 August, 2020
You are just in luck, we have just launched our new WordPress Hosting Accounts. You can now get a dedicated WordPress account on a server that we have specially set up for WordPress.
You get far more than you do with Go-Daddy and it is cheaper than them too.
Sign up today and move your site across. Submit a support ticket and we can help you to migrate your site over and reduce any downtime. Usually we don’t have downtime at all.
Stay Safe
CritchCorp Support
aoefokuiso| 26 July, 2020
I hate goDaddy anyway. This always seems to happen to companies when they get too big.
Everyone should try to support local British businesses, like yours.
anon| 26 July, 2020
I have had nothing but bad experiences with godaddy. I am using 123-reg.co.uk now. They are a bit better.
CritchCorp| 5 August, 2020
Hi,
Sorry to tell you, but 123-reg is part of Host Europe, which was bought by Go Daddy. That might be why they are only a bit better as they integrate in to the GoDaddy systems.
For a truly superior experience try our new Feature Rich cPanel Hosting. https://shop.cc-computers.com/cart.php?gid=1
We will also have some dedicated WordPress hosting and even some FREE hosting coming soon.
CritchCorp