Domain registrar and web-hosting firm GoDaddy disclosed a data breach that impacted web hosting account credentials of some customers.
The company said that the security incident, which happened in October 2019, enabled an unauthorized individual to access some customers’ login information that is used to connect to SSH on their hosting account.
The breach was discovered after the security team spotted a suspicious activity on some of the company’s servers.
The company assured customers that the breach did not impact “main customer accounts,” and there was no evidence to suggest that hackers added or modified any files on affected accounts.
The web-hosting firm has blocked the unauthorized individual from its systems and has also reset hosting account login information of affected users to prevent any potential unauthorized access in future.
The company is also offering one year of Express Malware Removal and Website Security Deluxe service at no extra cost to affected users.
Customers can use these services to scan their website for any potential security threats. The potential impact of the security incident is currently being investigated, the company stated.
This is, however, not the first instance of a security incident exposing sensitive details of customers to cyber criminals.
Last year, hackers used hundreds of stolen credentials for GoDaddy accounts to create nearly 15,000 subdomains to redirect potential victims to malicious websites.