GoDaddy one of the largest web hosting companies stated that was attacked by strangers who managed to steal the source code and install malicious software on their servers after breaching the cPanel hosting environment in a multi-year attack.
GoDaddy discovered her infringement in early December 2022 after customer reports that their sites were being used to redirect to random domains, but the attackers reportedly had access to the company's network for years.
"Based on our investigation, we believe these incidents are part of a multi-year attack by a sophisticated hacking group that, among other things, installed malware on our systems and obtained comeyea of the source code from some services of GoDaddy," the company said in its SEC filing.
The company reported that breaches from November 2021 and March 2020 were discovered and ultimately allegedly linked to this multi-year attack.
The November 2021 incident resulted in a data breach affecting 1,2 million service customers WordPress managed, after attackers breached GoDaddy's WordPress hosting environment using a compromised password.
They gained access to all affected customers' email addresses, WordPress admin passwords, sFTP credentials, databases, and SSL private keys of some active customers.