If you are a GoDaddy user, this definitely concerns you like the recent press statement from GoDaddy on May 4th, 2020 claimed that the usernames and password of approximately 28,000 GoDaddy accounts have been compromised.
“On April 23, 2020, we identified SSH usernames and passwords had been compromised by an unauthorized individual in our hosting environment. This affected approximately 28,000 customers. We immediately reset these usernames and passwords, removed an authorized SSH file from our platform, and have no indication the individual used our customers’ credentials or modified any customer hosting accounts. The individual did not have access to customers’ main GoDaddy accounts.”
- Official Statement from GoDaddy on the matter
GoDaddy is facing scrutiny over this whole fiasco. The statement claimed only 28,000 accounts hacked, but multiple domains were bought and register under one username so the tally of the websites that might be at risk of phishing attack maybe twice or thrice the account numbers.
The breach was discovered on April 23rd, 2020. However, it happens to have occurred on October 19, 2019.
Two Points to Note
- GoDaddy also clarified that they have removed the public key placed by the hacker. However, it is recommended to change the login passwords of your GoDaddy account and your website’s database, even if you are using a remote database connection.
- If you’ve received an email that looks like from GoDaddy recently, even of the attack alert, don’t go straight ahead to click on it or any link in the email. Check if the mail has come from a genuine account or not. Contact their support on their website to be completely sure of the authenticity of the mail.
Facebook and Yahoo, both have had their share of hacking attacks in the past, which were way bigger than GoDaddy’s attacks on the basis of numbers. But if we look at the stakes then people's businesses are directly at risk in GoDaddy’s hacker attack.
Here's a list of potential hosting providers that offer free SSL, in case you are looking to change your hosting provider.