Unauthorized access happened in October last year and impacted SSH logins only.
GoDaddy (NYSE: GDDY) has informed some of its webhosting customers that their accounts were breached last year. The company submitted the breach notice (pdf) to the State of California on Sunday. The incident happened in October 2019.
In a letter to affected customers, GoDaddy said that an unauthorized individual gained access to the login information used to connect to SSH on their hosting accounts.
SSH, also know as Secure Shell, is frequently used for secure file transfers and other processes.
GoDaddy has no evidence that the perpetrator added files or modified accounts. The breach only impacted hosting accounts and not other information in GoDaddy customer accounts.
GoDaddy is providing free Website Security Deluxe and Express Malware Removal to impacted customers for one year. GoDaddy typically charges $20/month for the security service and $25/month for the malware removal service.