Godaddy has publicly confirmed that 28,000 hosting accounts have been compromised in a security breach. Although they’ve known about it since October of last year, the company only recently notified affected users through an email, stating that “unauthorized individuals” had obtained their login information and that access by these threat actors had already been blocked.
Although the notice mentions that they found no evidence that the files of compromised accounts had been changed, from years of experience with Godaddy’s hosting services I really doubt it. Why would a cybercriminal obtain access to a user’s account, then not do anything with it?
Godaddy has over 19 million users with their service so 28,000 is small in comparison. It is however still a substantial number. If you or someone you know has a Godaddy account, here’s what you should do today to secure the account:
- Enable two-step verification
Godaddy can send a text message with a verification code each time you log into your account. This code will be required to continue the login process, so it can be a bit annoying. However, it ensures that even if your Godaddy password is compromised, your account is inaccessible to cybercriminals. Here are the instructions from Godaddy on how to enable it: https://www.godaddy.com/help/enable-two-step-verification-7502
- Check your password
If the password to your Godaddy account is re-used with any other online service such as your email, LinkedIn, Facebook, bank account or credit card then be sure to change it right away. It’s best to have a completely unique, complex password for every online service. This can be hard, so I recommend using a password manager such as Keeper (https://keepersecurity.com). It can generate a secure password for every site you use and store it securely. Need some guidance with setting that up? Feel free to reach out – we can help.
In this time of crisis, we are working hard to continue being a source to inform the community of the latest threats and opportunities to life and business. Thank you for reading, listening, and protecting yourself and one another.
Stay safe out there