One of the biggest names in domain names and hosting, GoDaddy, identified a data breach on 23rd April, 2020. The breach took place earlier, back in October 2019 but was only identified by part of their internal team some six months later.
Details about how the hackers gained access to GoDaddy's hosting environment is scarce but details from GoDaddy officials gave the following statement.
"We identified SSH usernames and passwords had been compromised by an unauthorized individual".
SSH is an acronym that stands for Secure Shell and uses programs such as PuTTY to allow users to access web hosting environments; where files that make up a website are stored.
GoDaddy currently offers services to more than 18 million users including:
Out of GoDaddy's huge customer base, how many customers and/or products are affected from the GoDaddy hack?
GoDaddy have identified that 28,000 customers credentials were affected and upon identifying these, have contacted and reset credentials for all accounts.
New UK regulations for data breaches also state that to comply with new GDPR regulations in 2018, all data breaches must legally be reported to the Information Commissioner's Office (ICO). Breaches of any customer's personal details must be reported within 72 hours whilst also keeping a mandatory record of the data breach. Failing to do so could result in companies facing a 10 million euro fine, or 2% of your global turnover - whichever is greater.
As websites and associated online services have become an essential cog in business, choosing the right solution for your web hosting and domain names is crucial. We suspect many of GoDaddy's customer base have been sold on the premise that their servers are safe and secure. However breaches such as these put these farces into perspective, that even the 'big players' can be brought down and are susceptible to being hacked.
By no means are GoDaddy the first global company to suffer a data breach, as major companies such as Yahoo, Adobe and T-Mobile have also fallen victim.
Rushax remains at the forefront of technology offering domain names, web hosting, HTTPS (SSL certificates) and more. We've never incurred a data breach and ensure your information is secured using the latest and highest levels of encryption available.
Although GoDaddy have informed customers and the ICO of the data breach, unfortunately for the affected customers it may not simply be a case of just resetting your credentials.
For any users affected by GoDaddy's security breach, that use the same password credentials to login to other email accounts, this could also mean changing passwords for any other external properties which use the credentials.
A report by Global Password Security Report in 2018 found that a staggering 50% of users use the same passwords across all of their accounts. If we apply that statistic, on average 14,000 customers external accounts could be at severe risk.
The team at Rushax urgently recommends anyone who has an account with GoDaddy, whether they were affected or not, to change their passwords imminently. Using a strong password that is a minimum of 10 characters, uses upper and lowercase characters alongside a number and a special character will ensure one of the highest levels of security for a password.
If you're struggling to generate a new password, use our free password generator tool that will automatically create a strong, unique password for you.
*We do not store or keep any passwords you generate as these are randomly generated.