Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
The Internet Businesses Privacy Security

Data Breaches Reported at NetworkSolutions, Register.com, and Web.com (krebsonsecurity.com) 17

"Top domain name registrars NetworkSolutions.com, Register.com and Web.com are asking customers to reset their passwords after discovering an intrusion in August 2019 in which customer account information was accessed," reports security researcher Brian Krebs: "On October 16, 2019, Web.com determined that a third-party gained unauthorized access to a limited number of its computer systems in late August 2019, and as a result, account information may have been accessed," Web.com said in a written statement. "No credit card data was compromised as a result of this incident." The Jacksonville, Fla.-based Web.com said the information exposed includes "contact details such as name, address, phone numbers, email address and information about the services that we offer to a given account holder...."

Both Network Solutions and Register.com are owned by Web.com. Network Solutions is now the world's fifth-largest domain name registrar, with almost seven million domains in its stable, according to domainstate.com; Register.com listed at #17 with 1.7 million domains.... Web.com said it has reported the incident to law enforcement and hired an outside security firm to investigate further, and is in the process of notifying affected customers through email and via its website....

Web.com wasn't clear how long the intrusion lasted, but if the breach wasn't detected until mid-October that means the intruders potentially had about six weeks inside unnoticed. That's a long time for an adversary to wander about one's network, and plenty of time to steal a great deal more information than just names, addresses and phone numbers.

This discussion has been archived. No new comments can be posted.

Data Breaches Reported at NetworkSolutions, Register.com, and Web.com

Comments Filter:
  • I've been getting spam email at "netsol@mydomain.com" for a couple of years now.

    Either (a) Rhey're selling their database to spammers, or (b) their systems aren't secure.

    • "They're" dammit.

      (was typing around my cat at the time)

      • (was typing around my cat at the time)

        Stop using your cat to do your Perl development for you !

        (Perfectly syntactically correct Perl should never have been indistinguishable from cats walking across keyboards !)

  • Yay. (Score:5, Informative)

    by Dan East ( 318230 ) on Saturday November 02, 2019 @10:55AM (#59372712) Journal

    Couldn't have happened to a nicer bunch. Network Solutions has been engaging in a number of nasty practices for over a decade, one of the worst being that they did (or still do?) put a registration lock on ANY domain name that was searched on their website. Merely searching a domain name there results in the inability to register that domain name at any other service for several days.

    • Yes, they advertise low price and then practically force you into accepting expensive extras. I had to rescue my wife's business away from them.
  • by Solandri ( 704621 ) on Saturday November 02, 2019 @11:28AM (#59372770)

    information exposed includes "contact details such as name, address, phone numbers, email address and information about the services that we offer to a given account holder

    Except for which services you're subscribed to, isn't the name, address, phone number, and email address already public in the WHOIS database [whois.net]? Unless you're paying extra for private registration (which should actually be the default - the current registration policies were created in a world before spam).

    • by tsqr ( 808554 )

      My thought as well.

      I received a "Notice of Data Breach" email from my registrar, who as it happens is also owned by web.com. They're so small that they didn't even get a mention on the web.com Wikipedia page in the Acquisitions section.

      The Notice says, "We encrypt credit card numbers and passwords, and no credit card data was compromised as a result of this incident," and "...as an additional precaution are requiring all users to reset their account passwords." Which boils down to re-directing the account h

  • by JustAnotherOldGuy ( 4145623 ) on Saturday November 02, 2019 @11:28AM (#59372772) Journal

    NetworkSolutions = Web.com

    Web.com bought NetSol and promptly raised domain registration prices.

    Web.com were scumbags back in the day and they're just as bad now as they were then.

    I'll be moving all my domains to another registrar within a month.

    • Cloudflare does .com domains for $8/year, just sayin'.

      • Cloudflare does .com domains for $8/year, just sayin'.

        I'm not 100% sure I trust Cloudflare.

        Domains.com also does $8 or $8.99 domain names, but for all TLDs if I recall correctly.

        So yeah, I'll be moving all of them, just not sure where yet.

  • Comment removed based on user account deletion

The difficult we do today; the impossible takes a little longer.

Working...