The world’s largest domain registrar, GoDaddy, with 19 million customers, has disclosed a data breach impacting web hosting account credentials.
With more than 19 million customers, 77 million domains managed, and millions of websites hosted, it is yet unknown number of customers have been informed that their web hosting account credentials had been compromised.
The GoDaddy email said that the breach is limited only to hosting accounts and did not involve customer accounts or the personal information stored within them. It noted that no evidence was found to suggest that any files were modified or added to the affected accounts but fell short of mentioning if files had been viewed or copied. However, all impacted hosting account logins have been reset, and the email contained the procedure customers need to follow in order to regain access to the hosting accounts concerned. GoDaddy has also recommended, “out of an abundance of caution,” that users audit their hosting accounts.
The confirmation of the data breach, in an email signed by GoDaddy CISO and vice-president of engineering, Demetrius Comes, revealed that the security incident in question came to light after suspicious activity was recently identified on some GoDaddy servers. The breach itself appears to have occurred on October 19, 2019, according to the State of California Department of Justice, with which the disclosure notification email sample was filed.
Read more via Forbes