In my opinion, the safest hosts to use are huge companies who have already been hacked in the past. A hosting company with a lot of money behind them and a reputation they need to protect at all costs will do everything possible to protect their company image/reputation against other attacks in the future. Until a host (or any site for that matter) has been publicly hacked on a large scale, most will not be expecting it so they won't be safeguarded against it as well as they should be.
GoDaddy got hacked very publicly and subsequently invested millions of dollars in preventing any further issues so they could protect their reputation. I bet you couldn't hack into a secure GoDaddy server these days unless you were REALLY motivated.