GoDaddy has admitted to BleepingComputer that 28,000 customers’ hosting accounts had been compromised in a security breach. The company notified affected users through an email that an “unauthorized individual” obtained access to their login information. It added that it found no evidence that the compromised accounts’ files had been modified in any way and that it had already blocked the unauthorized individual from its systems.
In a statement sent to the publication, GoDaddy revealed that the affected web hosting accounts had been exposed through an altered SSH file, which it has already removed from its platform to protect the rest of its 19 million users. The security incident took place on October 19th, 2019 and was discovered on April 23rd, 2020 after the company’s security team detected suspicious activity on some of its servers.