GoDaddy found a multi-year security breach in December 2022, the web hosting company has just now revealed.
The breach allowed unknown third parties to gain access to GoDaddy source code, and they installed malware on the company's servers as well.
No security breach is a good breach, but this particular one is worse than normal, and may cast doubt on the web hosting and domain services that the company offers. GoDaddy says it has added security measures to stop a similar attack in the future and is working with law enforcement to stop the bad actors.
How the GoDaddy Breach Happened
GoDaddy first noticed a problem in early December of last year, when a few customer complaints all mentioned that their website had been “intermittently redirected,” the company said in its statement.
After taking a look, GoDaddy realized that the issue wasn't easily reproducible, but involved “seemingly random websites hosted on our cPanel shared hosting servers.” The company eventually realized that an unauthorized party had accessed the servers in their cPanel shared hosting environment, and the issue was caused by malware that had been installed by the third-party actor.
The same hackers also “obtained pieces of code related to some services within GoDaddy.”
GoDaddy didn't explain how the breach had happened but did say that the situation had been “remediated,” with new “security measures” rolled out to prevent future breaches.
How Bad Is This Breach?
Security breaches themselves aren't a sign that a tech company has failed, since mitigation measures can help to reduce the severity of a breach's impact. But just going off of what we know, this seems likely to be a rough PR hit for GoDaddy to recover from.
Not only does the breach encompass multiple years, but GoDaddy customers' websites were vulnerable to malware as a result of the breach.
It appears to be bad news for every other major hosting platform, as well. According to the GoDaddy announcement, the breach is just one incident from a group dedicated to targeting hosting services specifically:
“We have evidence, and law enforcement has confirmed, that this incident was carried out by a sophisticated and organized group targeting hosting services like GoDaddy. According to information we have received, their apparent goal is to infect websites and servers with malware for phishing campaigns, malware distribution and other malicious activities.”
It does make sense to hack a hosting service, since it's a one-stop shop for a huge range of other websites. And that means the customers are the true target, which is bad news for anyone currently hosting their own website.
Staying Secure While Hosting a Website
We've rated and reviewed all the top web hosting platforms. While GoDaddy does make our list, it's towards the end, trailing InMotion (the best all-around web hosting provider), Bluehost (a still-great but cheaper InMotion alternative), HostGator (the best for reliable uptime), and a few others.
Check out our full guide over here — and let's hope they remain secure against any data breaches in the near future.