Web.com domain registrar reports potential leak

Recently was hacked the information system of the domain registrar Web.com and its subsidiaries. Representative of Web.com reports a possible data leak.

As follows from the information on the registrar’s website, attackers could gain access to personal data of clients, however, they were unlikely to find out their bank card numbers.

As a security measure, the registrar resets the passwords of all subscribers.

“On October 16, 2019, Web.com determined that a third-party gained unauthorized access to a limited number of its computer systems in late August 2019, and as a result, account information may have been accessed. No credit card data was compromised as a result of this incident”, — Web.com said in a written statement.

The invasion was discovered on October 16 this year. A preliminary investigation revealed that the attackers entered some computer systems of the registrar at the end of August 2019. The incident affected servers that stored Web.com customer data, as well as its Network Solutions and Register.com companies.

The following could fall into the hands of cybercriminals:

• customer names;
• home addresses;
• Email addresses;
• phone numbers;
• lists of services to which subscribers are subscribed.

According to the registrar, information about bank cards of clients is stored in an encrypted form and has not been compromised.

“We encrypt account passwords and do not believe this information is vulnerable as a specific result of this incident. As an added precautionary measure, customers will be required to reset passwords the next time they log in to their accounts. As with any online service or platform, it is also good security practice to change passwords often and use a unique password for each service”, — explained Web.com representatives.

The invasion was discovered on October 16 this year. The company hired information security specialists to investigate the incident, and notified supervisors of the invasion. All registrar and affiliate brand subscribers must change their password the next time they log in. According to customers, now in the process of authorization, the site offers to set a 16-digit secret key.

The registrar notified subscribers of the attack by email. At the time of writing, Register.com and Network Solutions have no mention of potential leakage of confidential data. The main page of the Web.com portal also does not contain information about the incident, and search bots do not index the press release section.

Read also: Cyberattack disables many Georgian websites

In 2013, Network Solutions resources became the target of a major DDoS attack. Cybercriminals attacked registrar NS-servers, which led to temporary unavailability of client sites. According to information security experts, the attack lasted about a day and could damage some DNS records.