Earlier this week, the webhosting giant, GoDaddy was hacked resulting in unauthorized access of data belonging to a total of 1.2 million active and inactive customers; this hack made it the third security incident to be reported since 2018.

An altered Secure Socket (SSH) file led to GoDaddy’s hosting environment getting compromised on a subset of their servers.  This incident allowed intruders to obtain unauthorized access to login information used to connect to SSH on hosting accounts.

As of November 24th, an additional six web hosting providers reported that they have also been compromised.  The reported incidents exposed FTP (File Transfer Protocol) and database credentials; this remained undetected for roughly two months.  The six additional compromised service providers were resellers for GoDaddy.  The extent of the intrusion for the additional web hosting providers appears to be the same as GoDaddy as they include matching dates of when the intrusion began.

The six compromised providers are:

  • 123Reg
  • Domain Factory
  • Heart internet
  • Host Europe
  • Media temple
  • tsoHost

It was determined that the dates of the compromise included multiple times throughout September 2021, and November 7th of 2021.  GoDaddy customers who host their websites with using their platform received a notification that their web data may have been potentially exposed and made security recommendations to those customers. These recommendations included updating FTP passwords and resetting the passwords for accounts that can login to your website’s hosted on GoDaddy and GoDaddy affiliated sites.

Keeping Your Data Secure

Compromises like this are not new and are expected to get worse in the future.  It’s more crucial than ever to keep your data secure; whether the data security be on your website, online cloud storage, or on your local computer, it is important to keep and maintain complete data security.

Important steps you can take to maintain data security in your office and online can be as simple as setting complex passwords that are different across your various accounts.  You can also use free tools such as LastPass or RoboForm to generate secure passwords that can also store them for you.  Making sure your office IT equipment and workstations are running the latest available security updates and firmware can also help protect from potential intruders. In addition, maintaining active anti-virus software can also help stop viruses and ransomware from affecting your computer.

Data security is a full-time job itself and maintaining extensive data security is essential for any size business today.  If you want to learn more about how Natural Networks can help protect your business from cyber intruders and breaches like those that have affected GoDaddy, give us a call today!