Web hosting accounts credentials at GoDaddy, the biggest domain registrar in the world, have recently been compromised, according to the information from the company itself.

There is probably not a single person who manages websites that hasn’t heard of GoDaddy by now. Having more than 77 million managed domains and offering hosting solutions to as many as the same number of websites, GoDaddy is well known in the hosting world.

The confirmation for the data breach was sent via email to an unknown number of customers to inform them of the data leak concerning their web hosting accounts’ credentials information.

What is also interesting is that the breach, as stated by the State of California Department of Justice, took place last year, on October 19, 2019.

The investigation of the accident found out that a shady individual had successfully acquired sensitive login information, meaning they could have gained access to particular hosting accounts via SSH. An acronym for secure shell, SSH is used by administrators for accessing remote devices.

What has happened at GoDaddy emphasizes the importance of SSH security because it allows access to very critical assets of an organization or an individual.

According to GoDaddy, the breach only involved data leak of hosting accounts and not personal information stored inside customer accounts. The company also claimed that the affected accounts remained unaffected, meaning there were no modified files or new files added, but failed to say whether any files were copied or only viewed by hackers. As a further security measure, GoDaddy has reportedly reset the impacted hosting accounts login information. They have also sent a letter detailing the additional steps account holders had to take to restore access to concerned accounts. Furthermore, the letter advised users to further audit their accounts as yet another measure of caution.

Apart from expressing regret for the occurrence of the accident, The company has vowed to offer free security service to companies and individuals with affected accounts for a number of complimentary years.

The information regarding the breach was sent to customers by no other than Demetrius Comes, the GoDaddy SICO and vice president of engineering. Although he described the incident as minor and offered to the affected Express Malware Removal and Website Security Deluxe products for free, will it be enough to win back the trust of customers in a time when data security is of crucial importance to anyone conducting online business?