Cybersecurity pros are coming down hard on GoDaddy after the domain registry company reported that an outsider had accessed customer login credentials possibly affecting all 19 million company accounts.

GoDaddy informed its customers on May 4 of the breach saying an unauthorized individual accessed the login credentials used to connect to SSH on the hosting account. The breach took place in October 2019 but was only discovered on April 23.

Chris Clements, vice president of solutions architecture at Cerberus Sentinel, brought up two indicators that indicate the company was at fault for the breach. The first being that GoDaddy is offering free Website Security Deluxe and Express Malware Removal to its customers in response to the incident.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.