GoDaddy suffers data breach

Artashes

Artashes

Administrator
Staff member
GoDaddy confirmed hosting data breach that was undetected for 6 months.

The company said an “unauthorized individual” was able to access users’ login details, that could have given the hacker the ability to upload or change website files.

From what is known, the breach only affected hosting accounts (28,000 customers), not general GoDaddy customer accounts.

UPDATE: For more details, HostingDiscussion ran a news story about the incident:
https://www.hostingdiscussion.com/b...breach-at-godaddy-what-customers-should-know/
 
i've seen this. I feel obligated to let everyone know as i've been saying for years this would happen with the amount of companies they have purchased and merged / destroyed. It's a no wonder.
 
From what I was reading, the breach was access to SSH Keys. Essentially direct access to users hosting accounts. There's also speculation that they could have had direct SSH access to main servers where hundreds or thousands of users are placed on single machines.

I did see that they've said that the breach did not affect users actual GoDaddy account details, and they said that there were no files added or removed from users hosting accounts. Later in an article they state that they are offering free Malware Removal Service to clients that are affected.

So which is it - there were files uploaded and they're providing Removal Services, or there were no files uploaded and you don't need the service? It's a little confusing how they worded it.

We'll see what happens in the next few days, and if new or clarifying information is released.
 
bigredseo said:
I did see that they've said that the breach did not affect users actual GoDaddy account details, and they said that there were no files added or removed from users hosting accounts. Later in an article they state that they are offering free Malware Removal Service to clients that are affected.

So which is it - there were files uploaded and they're providing Removal Services, or there were no files uploaded and you don't need the service? It's a little confusing how they worded it.
Click to expand...

Perhaps it's an extra offering, for the peace-of-mind of clients, to prove that nothing is up.
It's ballsy, in case something will come up. Something tells me though they have already ran tests to know nothing will.
 
I read about their breach this morning. Am going to love reading about the aftermath as I'm not a big fan of theirs.
 
SenseiSteve said:
I read about their breach this morning. Am going to love reading about the aftermath as I'm not a big fan of theirs.
Click to expand...

Thank God I moved all my domains from them (around 60) to Porkbun a couple of years ago. I would have never hosted with them in the first place.

My primary beef with them was their relentless upselling on other services on the way to checkout. Plus, the whole hunt for coupons every time I wanted to renew a domain was becoming too annoying. It felt like I had to seek out discounts because the prices kept increasing year after year.
 
Everyone must be moving stuff as their back-end is crawling right now. I have a client that contact me this morning and wants everything moved, so we've been making backups and trying to access things to cancel etc - it's just a very VERY slow crawl.
 
bigredseo said:
Everyone must be moving stuff as their back-end is crawling right now. I have a client that contact me this morning and wants everything moved, so we've been making backups and trying to access things to cancel etc - it's just a very VERY slow crawl.
Click to expand...

GoDaddy spread the wealth around. :devil:

Even if 5% of affected customers make a move, that's about 1,500 clients looking for a different hosting company today.
 
Affecting 28,000 hosting accounts is a large number. I think one should backup all files to a PC regularly no matter web hosting provider one is using.
 
izumi777 said:
Affecting 28,000 hosting accounts is a large number. I think one should backup all files to a PC regularly no matter web hosting provider one is using.
Click to expand...

dont need to backup to a PC. These days you can get a cheap VPS to set up as a backup server and using a services like jetbackup you can auto backup every day to the VPS.
 
easyhostmedia said:
still a fare few people affected regardless what services they had with go daddy
Click to expand...
You are 100% correct. I was rush-typing the post and should not have used the word "only". I might have been thinking about the millions of clients that they have when writing "only" 28,000 were affected. Obviously, that's a lot of potential damage to a lot of people.
 
bigredseo said:
Everyone must be moving stuff as their back-end is crawling right now. I have a client that contact me this morning and wants everything moved, so we've been making backups and trying to access things to cancel etc - it's just a very VERY slow crawl.
Click to expand...
For my money, GoDaddy has always been very VERY slow. I cringe when people tell me they're hosting with GD.
 
6 months? 6? Lol, they must have a real pro-active security team, to access any of our servers requires about 4 layers including 2FA twice direct to staffs cell. Server keys and passwords auto change every week.

Keys are routinely checked, not sure how they can go 6 months not knowing.
 
SenseiSteve said:
For my money, GoDaddy has always been very VERY slow. I cringe when people tell me they're hosting with GD.
Click to expand...

I think only 1 person helped GoDaddy gain the market they have now and that was Danica Patrick. Years driving an indycar plastered in Go Daddy logo and appearing in every Go Daddy marketing campaign
 
HostOX said:
6 months? 6? Lol, they must have a real pro-active security team, to access any of our servers requires about 4 layers including 2FA twice direct to staffs cell. Server keys and passwords auto change every week.

Keys are routinely checked, not sure how they can go 6 months not knowing.
Click to expand...

I don't know as much about security, but this sounds tough.
 
You must log in or register to reply here.

Latest posts

Forum supporters

Members recently online

Total: 11

Forum statistics

Threads
80,922
Messages
248,446
Members
20,678
Latest member
hostys
Top