GoDaddy, the world’s largest domain registrar, has confirmed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in October 2019.
Unfortunately, the web-hosting company only discovered the breach in late April and filed a breach notice with California’s Attorney General’s Office earlier this week.
An “unauthorized individual had access to your login information used to connect to SSH on your hosting account,” said Demetrius Comes, the company’s CISO. “This incident is limited in scope to your hosting account. Your main GoDaddy.com customer account, and the information stored within your customer account, was not accessible by this threat actor.”