GoDaddy breach found after 6 months

GoDaddy Security breach discovered after 6 months

Security Breach

GoDaddy, the largest hosting company in the world, announced on the 23th April 2020 that their security was breached on the 19th October 2019.

The public announcement from GoDaddy reads:

“On April 23, 2020, we identified SSH usernames and passwords had been compromised by an unauthorized individual in our hosting environment. This affected approximately 28,000 customers. We immediately reset these usernames and passwords, removed an authorized SSH file from our platform, and have no indication the individual used our customers’ credentials or modified any customer hosting accounts. The individual did not have access to customers’ main GoDaddy accounts.”

If you have been affected by this breach, you would probably already been notified or will be notified soon. There are several issues with this breach. Firstly, it can be presumed that the breach affected their main operation and not one of the other companies that they own.  They own the hosteurope group of hosting companies which they bought in 2017. Host Europe includes: Heart Internet, Mesh Digital Host Europe, Webfusion, Red Coruna and Domainbox. GoDaddy has also bought up many other companies. Any of these could have been in the breach but it appears that only the main brand that is affected.

Certificate found on GoDaddy SSH server

What happened

It appears that someone managed to get their certificate in to a server. This allowed them to have access to everyones files on the server even if the affected client changed their password.

How does this affect the server

There are generally two ways to authenticate to the SSH server, through either username and password or username and certificate (private/public key). Using a certificate is very secure and the recommended way to connect as it doesn’t require the exchange of a password but uses the robist public key technology to authenticate you. In this case the attacker managed to get their certificate installed on teh server and granted access to every account on the server.

What have they done to fix it

GoDaddy said that they have removed the certificate and that there is no evidence that anything malicious had happened. That being said they did not notice that there was a problem for nearly seven months.

Alternatives

We can help if you have been negatively affected by this experiance. Get your account in the CritchCorp Computers Ltd Store. If you prefer friendly, personal assistance with your website then we can help.

Keep Safe

CrichCorp

Get secure hosting on servers with far less than 28,000 other clients.

Comment (35)

  • Brighton| 6 September, 2020

    Thanks for every other wonderful article. Where else may anybody get that kind of information in such an ideal approach of writing? I’ve a presentation subsequent week, and I am at the search for such info.

    https://www.blogexpander.com/

  • Jamesvog| 1 September, 2020

    This happens to many companies, it is not just them. We should not pick on a company just because they are successful

    • CritchCorp| 3 September, 2020

      Thanks for your comments, everyone is entitled to their own opinion.

      We don’t think that it should take them that long to find the breach, but yes our opinion could be skewed by our past dealings with them.

  • George Voilk| 29 August, 2020

    Yet more hacked sites. What happens to all their customers sites?

    • CritchCorp| 18 September, 2020

      Hi George,

      Thanks for the comments, it appears that their custoemr sites were not at risk in this case.

      Keep Safe

      CritchCorp Support.

  • Oscar Gef| 29 August, 2020

    I have always hated them and always will

    Oscar

  • Jeremy sype| 29 August, 2020

    Somone else said it, we can’t go bashing them for this. I have used them for year and never had a problem.

    Jeremy

    • CritchCorp| 18 September, 2020

      Thank you Jeremy for your comments, I think there have been other people who are defending them. We are just reporting the facts and respect your opinion on them. We of course have a very different opinion to yours.

      Keep Safe

      critchCorp Support.

  • Brian Tug| 29 August, 2020

    Sad news.

  • Michael| 29 August, 2020

    Where do you read about this, where can I find out more about it.

    • CritchCorp| 18 September, 2020

      You will probably be able to find out more in the GoDaddy corporate blog or by contacting them directly.

      Keep Safe

      CritchCorp Support.

  • Michael| 29 August, 2020

    I think my site was hacked because of this. Can I take action against them?

    Thanks.

  • Samuel Plogy| 28 August, 2020

    Thank you for reporting this, I don’t remember seeing it on the news.

  • Timothy Lewis| 27 August, 2020

    GoDaddy breach found after 6 months | CritchCorp Computers Ltd
    This seems to happen a lot these days.

    • CritchCorp| 28 August, 2020

      Hello Timothy,

      Yes, it does seem to happen a lot and it actually happens a lot more than we know about as most breaches don’t make the headlines.

      Keep Safe

      CritchCorp Support

  • WilliamCew| 22 August, 2020

    great content, please provide some more.

  • Libby| 21 August, 2020

    It’s an awesome post designed for all the internet visitors; they will obtain benefit from it I
    am sure.

  • David suels| 21 August, 2020

    Great site, thanks for this info. I can show this to my boss so he can move our site from them.

  • Laverne Dag| 21 August, 2020

    Great site, thanks fro the info.

  • Robert Vonna| 20 August, 2020

    Why did it take such a big company so long to find out about this?

  • Ambrose| 20 August, 2020

    Pretty nice post. I just stumbled upon your blog and wished to
    say that I have really enjoyed surfing around your blog posts.
    After all I will be subscribing to your feed and I hope you write again very soon!

  • Stevemes| 19 August, 2020

    great things you write abut her

  • izuatew| 8 August, 2020

    Does anyone know where I can move my WordPress site to. I want to get out of godaddy hosting.

    • CritchCorp| 13 August, 2020

      You are just in luck, we have just launched our new WordPress Hosting Accounts. You can now get a dedicated WordPress account on a server that we have specially set up for WordPress.
      You get far more than you do with Go-Daddy and it is cheaper than them too.
      Sign up today and move your site across. Submit a support ticket and we can help you to migrate your site over and reduce any downtime. Usually we don’t have downtime at all.

      Stay Safe

      CritchCorp Support

  • aoefokuiso| 26 July, 2020

    I hate goDaddy anyway. This always seems to happen to companies when they get too big.
    Everyone should try to support local British businesses, like yours.

  • anon| 26 July, 2020

    I have had nothing but bad experiences with godaddy. I am using 123-reg.co.uk now. They are a bit better.

    • CritchCorp| 5 August, 2020

      Hi,

      Sorry to tell you, but 123-reg is part of Host Europe, which was bought by Go Daddy. That might be why they are only a bit better as they integrate in to the GoDaddy systems.

      For a truly superior experience try our new Feature Rich cPanel Hosting. https://store.cc-computers.com/cart.php?gid=1

      We will also have some dedicated WordPress hosting and even some FREE hosting coming soon.

      CritchCorp

  • Leave a Reply

    Your email address will not be published. Required fields are marked *