GoDaddy Security Incident

Author	« Topic »
Vonderbach Starting Member USA 16 Posts Pre-sales questions only (More Details...)	Posted - 06/02/2020 : 11:43:01 I just received this email today, can someone please let me know if this requires further action on my part? I'm not familiar with this cURL process that they mention. Before I go forward with GoDaddy support, I would like to have your opinion on this. [quote]Dear John Doe: As a shared hosting customer, we're alerting you about a recent security incident. We believe this incident impacted less than 1,000 of our hosting customers. However, because the incident took place in our shared hosting environment, we are notifying any customer that potentially could have been impacted. From April 14 21:30 UTC to April 17 20:38 UTC, an unauthorized individual placed a modified Client URL (cURL) file on the hosting server that runs the following site(s): *url removed* Our investigation found this file was designed to identify and extract credit card information, if it was processed using cURL. We believe the ultimate goal of the unauthorized file was to capture transactions on your website that would have requested your customer's credit card information to be entered. Your personal information contained in your main account was not impacted. If your website does not collect credit card information from your customers, or if you do not process customer credit cards using cURL, your customers were not impacted. No further action is required. If your website does process credit cards using cURL, you will need to review your payment processing history to determine if your customers are impacted: 1. If you collected or processed any credit card payments from your customers between April 14 21:30 UTC and April 17 20:38 UTC, please click here to receive a call from a Support Guide. 2. If you did not collect or process any credit card payments from your customers between April 14-17, your customers were not impacted. No further action is required. If you are unsure if your website uses cURL, please contact your website administrator. Thank you for being a customer, we truly appreciate it. We apologize for any inconvenience or hardship this may cause you or your customers. Our team is committed to preventing these types of incidents in the future and we'll always be forthcoming in our communications with you. GoDaddy Security Team[/quote]
Phil ECT Moderator United Kingdom 7681 Posts	Posted - 06/02/2020 : 12:07:38 Hi Stephen, If I remember correctly you use Auth.net AIM as your payment provider and I'm fairly sure that will use cURL but I would just wait for Vince to confirm that. * Database Migrations and Conversions* * ASP to PHP Cart Conversions* *Contact Us* *Buy The PHP Capture Card Plugin* Rate Our Services/View Our Feedback
dbdave ECT Moderator USA 10413 Posts	Posted - 06/02/2020 : 12:07:50 Hi Vonderbach, I think we will want to get Vince to take a look and get his thoughts, but at the same time, it might be helpful to know what payment processor(s) you are using. Thanks, David
Vonderbach Starting Member USA 16 Posts Pre-sales questions only (More Details...)	Posted - 06/02/2020 : 12:46:17 Thank you gentlemen, as Phil suggested, I am using Auth.net Thank you
dbdave ECT Moderator USA 10413 Posts	Posted - 06/02/2020 : 13:08:37 I'll have to work on my timing. I see Phil beat me by 12 seconds... I'll post a message to Vince to make sure he sees this thread. Thanks, David
Vince Administrator 42769 Posts	Posted - 06/02/2020 : 13:20:37 Hi Vonderbach Yes, if you use Auth.net AIM then you would have been using cURL I'm afraid for the CC transactions. Vince Click Here for Shopping Cart Software Click Here to sign up for our newsletter Click Here for the latest updater
Vonderbach Starting Member USA 16 Posts Pre-sales questions only (More Details...)	Posted - 06/03/2020 : 11:43:54 Thank you all....off to Godaddy to sit on hold for an hour and argue with them
	« Topic »