Another day, another massive data breach – this time affecting a leading web technology company, as well as both of its subsidiaries, from where millions of customers around the world have purchased domain names for their websites.
Network Solutions was the world’s first internet domain provider, having won a grant from the National Science Foundation (NSF) back in 1991 and given an exclusive contract to be the sole name registrar for the .com, .net and .org domains a year later.
According to DomainState, Networks Solutions, now owned by Web.com, is currently the fifth-largest domain name registrar accounting for close on seven million domains.
Along with another domain name registrar, Register.com, and parent Web.com, Network Solutions has confirmed it has been hacked.
What happened? — In late August 2019, a third-party gained unauthorized access to a “limited number” of the company’s computer systems and reportedly accessed millions of records for accounts of current and former customers with Web.com, Network Solutions, and Register.com.
The company said it became aware of the security intrusion only on October 16, 2019, but did not disclose any details on how the incident happened.
What type of information was compromised? — According to the affected domain registrars, the stolen information includes contact details of their customers, such as:
- Phone numbers
- Email addresses
- Information about the services offered to a customer.
What type of information was not compromised? — The companies also confirmed that no credit card information was compromised as a result of the security breach incident since they claim to encrypt their customers’ credit card numbers before storing them on their databases.
“We store credit card numbers in a PCI (Payment Card Industry) compliant encryption standard and do not believe your credit card information is vulnerable as a specific result of this incident,” reads a breach notice published on websites of Web.com, Network Solutions, and Register.com.
To be noted, the passwords for account logins of affected customers were also not compromised, which otherwise could have allowed attackers to permanently hijack domain names by transferring them to an account owned by attackers with a separate service.
What are the affected companies now doing? — The companies took necessary steps to stop the security intrusion upon discovery and immediately launched an investigation by engaging a leading independent cybersecurity firm to determine the scope of the incident.
The companies have also notified all the relevant authorities and already started working with federal law enforcement.
All three affected domain registrars are also in the process of contacting affected customers through email and via their websites.
What affected customers should do now? — As a precaution, affected customers are encouraged to change passwords for their Web.com, Network Solutions, and Register.com accounts and for any other online account where you use the same credentials.
Do it even if you are not affected—just to be on the safer side.
“We have already taken additional steps to secure your account, and there is nothing you need to do at this time. The next time you log in to your account, you will be required to reset your password,” the domain registrars recommend.
Since the exposed data includes personal identifying information (PII), affected customers should mainly be suspicious of phishing emails, which are usually the next step of cybercriminals in an attempt to trick users into giving away their passwords and credit card information.
Although the data breach did not expose any financial information, it is always a good idea to be vigilant and keep a close eye on your bank and payment card statements for any unusual activity and report to the bank if you find any.
This is not the first time Web.com has disclosed a security incident. In August 2015, the company suffered a major data breach that had compromised personal and credit card information belonging to nearly 93,000 customers.