GoDaddy one of the largest web hosting companies stated that was attacked by strangers who managed to steal the source code and install malware on their servers after breaching its hosting environment cPanel in a multi-year attack.
GoDaddy discovered the breach in early December 2022 after customer reports that their websites were being used to redirect to random domains, but the attackers reportedly had access to the company's network for years.
"With base our investigation, we believe these incidents are part of a multi-year attack by a sophisticated hacking team which, among other things, installed malware on our systems and acquired comeyea of the source code from certain GoDaddy services,” the company said in its SEC filing.
The company reported that breaches from November 2021 and March 2020 were discovered and ultimately allegedly linked to this multi-year attack.
The November 2021 incident resulted in a data breach affecting 1,2 million managed WordPress customers after attackers breached GoDaddy's WordPress hosting environment using a compromised password.
They gained access to all affected customers' email addresses, WordPress admin passwords, sFTP credentials, databases, and SSL private keys of some active customers.
