GoDaddy is the leading web hosting company in the U.S.. It's also one of the world’s largest domain registrars, after serving more than 20 million customers globally.
And this time, it has some really bad news.
The company has reported that a "sophisticated" security breach by unknown attackers managed to compromise its cPanel shared hosting environment.
As a result of this, the perpetrators were able to compromise websites inside the affected hosting environment to redirect their traffic to various unknown domains using a method called URL redirection, or URL forwarding.
While at it, the perpetrators were also able to corrupt websites, steal source code, steal employee login credentials, and host malware on GoDaddy’s servers in a prolonged attack that spanned multiple years.

GoDaddy announced this in a filing during its compulsory annual report with the U.S. Securities and Exchange Commission (SEC) (PDF):
The hack was realized back in early December of 2022, when a customer reported and alerted GoDaddy.
"In early December 2022, we started receiving a small number of customer complaints about their websites being intermittently redirected," the company wrote in a blog post.
"Once we confirmed the intrusion, we remediated the situation and implemented security measures in an effort to prevent future infections."
But by that time, the attackers had already gained not only a foothold, but a stronghold, inside the company’s network several years prior.
According to the company, the security breach occurred over a span of several years, and is connected to previous breaches that were disclosed in November 2021 and March 2020.

In November 2021, GoDaddy’s WordPress hosting environment was compromised by attackers who used a compromised password. Around 1.2 million users were affected by this data breach as a result of this issue.
At that time, hackers gained access to customers' email addresses, WordPress Admin passwords, sFTP, database credentials, and SSL private keys of a subset of active clients.
Then, in October 2019, a hacker managed to gain access to GoDaddy's web hosting accounts, compromising 28,000 customers by using their SSH credentials. GoDaddy discovered this breach in March 2020.
Dealing with this case, and as part of its investigation, GoDaddy has sought help from external cybersecurity forensics experts and law enforcement agencies around the globe.
"As we continue to monitor their behavior and block attempts from this criminal organization, we are actively collecting evidence and information regarding their tactics and techniques to help law enforcement," the company said.
"We apologize for any inconvenience this may have caused to any of our customers or visitors to their websites. We are using lessons from this incident to enhance the security of our systems and further protect our customers and their data."