Experts Commentary On GoDaddy Informs Customers Of Data Breach From October

It has been reported that GoDaddy suffered a data breach in October and has notified the Californian authorities, stating that an unauthorised individual was able to access SSH accounts used in its hosting environment.

“We have no evidence that any files were added or modified on your account,” the company said while omitting evidence that files could have been viewed and infiltrated. “The unauthorized individual has been blocked from our systems, and we continue to investigate potential impact across our environment.”

GoDaddy said the breach did not impact the “main GoDaddy.com customer account” and that any information within that account was not accessed. The company said it has reset passwords and would provide impacted customers with a year of its website security and malware removal service for free.


EXPERTS COMMENTS
Grant McCormick, CIO,  Exabeam
May 13, 2020
Credential-based attacks and digital privacy issues will remain prevalent risks for the foreseeable future.
Hostile cyber actors are targeting user credentials at rapid rates, as evidenced by this latest breach. To remediate incidents involving user credentials and respond to adversaries, organisations must move fast and consider an approach that is closely aligned with monitoring user behaviour - to provide the necessary visibility needed to restore trust, and react in real time, to protect user accoun ....
[Read More >>]
Anurag Kahol, CTO,  Bitglass
May 13, 2020
The incident underscores why organisations need to have full visibility and control over their data.
This security incident impacting GoDaddy customers underscores why organisations need to have full visibility and control over their data. While the web hosting giant confirmed that the breach only affected hosting accounts and not customer accounts or the personal information stored within them, hackers can still leverage the database of login credentials and commit account takeover. According ....
[Read More >>]
Timothy Chiu, Vice President of Marketing,  K2 Cyber Security
May 06, 2020
Traditional methods that typically rely on indicators from past attacks just aren’t working.
Companies continue to get breached with traditional security tools like Web Application Firewalls and Endpoint protection, an indication that we need better security tools. Traditional methods that typically rely on indicators from past attacks just aren’t working. Even NIST realized this – for the first time, they updated their standard to include Runtime Application Self-Protection (RASP) ....
[Read More >>]
Robert Prigge, CEO,  Jumio
May 06, 2020
GoDaddy was one of the first companies to recognize the potential of the internet in the late '90s.
GoDaddy’s breach of web hosting account credentials further proves usernames and passwords can’t be trusted to keep accounts secure. As unauthorized parties were able to connect to users’ hosting accounts, it’s clear stronger authentication methods are needed. GoDaddy’s response to reset passwords and provide complimentary web security and malware services is simply not enough. How can G ....
[Read More >>]
Chris DeRamus , VP of Technology Cloud Security Practice,  Rapid7
May 06, 2020
Customers put their trust in companies by allowing them to collect and store their information.
Unauthorized access is a popular culprit behind many data breaches, and this isn’t GoDaddy’s first security issue involving compromised accounts. According to a Ponemon survey, 59 percent of IT security respondents say customer accounts have been subject to an account takeover. Customers put their trust in companies by allowing them to collect and store their information. To keep that trust, o ....
[Read More >>]
Dr. Vinay Sridhara, CTO,  Balbix
May 06, 2020
GoDaddy is the largest domain registrar in the world, serving 19 million customers.
GoDaddy is the largest domain registrar in the world, serving 19 million customers. This breach is yet another example of the importance of basic cyber hygiene, including multifactor authentication (MFA). Since the SSH access in question is typically available only to privileged users, the need for MFA is even more critical. Unfortunately, GoDaddy does not offer MFA for SSH connections, highlighti ....
[Read More >>]
James Carder, Chief Information Security Officer & Vice President,  LogRhythm Labs
May 06, 2020
Strong SSH key management is critical in protecting internet accessible SSH.
It is astonishing that GoDaddy was unable to detect unauthorized access to SSH account credentials for about eight months. With this particular incident, there are further unknowns such as whether sensitive files were exfiltrated from the accounts, and exactly how many accounts from GoDaddy’s hosting environment were compromised. The GoDaddy data breach showcases how so many large enterprises s ....
[Read More >>]
Tim Callan, Senior Fellow,  Sectigo
May 06, 2020
The risks for SSH keys are arguably greater than for certificates.
While there is a great deal of focus on x.509 certificates for providing identity authentication, it’s valuable to remember that PKI takes other forms as well, including SSH keys. These keys need to be protected and managed just as certificate keys do. In fact, since standalone public-private key pairs lack the built-in lifecycle functionality that certificates enjoy—such as expiration and the ....
[Read More >>]
Trevor Morgan, Product Manager ,  comforte AG
May 06, 2020
Any information obtained through an intrusion would be rendered useless because the sensitive data would be indecipherable to the threat agent.
The good news is that GoDaddy was proactive in blocking the unauthorized individual, resetting passwords, and continuing to search for any further impact across the compromised environment. Another advisable strategy to complement this appropriate response from GoDaddy would be to perform an audit of their entire data environment to find ways to implement data-centric security methods. A method su ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article