Millions obliged to reset passwords after breaches at Network Solutions and Web.com

Domain registrar hack sparks privacy flap

Network Solutions, one of the biggest domain registrars, has disclosed a breach that exposed customer information but not credit card data.

Web.com, Network Solutions parent company was also breached, as well as Register.com, another business owned by Web.com. Network Solutions is the best known of the trio.

In a breach notice, Network Solutions said that it disclosed some two weeks ago that a “third-party gained unauthorized access to a limited number of our computer systems in late August 2019, and as a result, account information may have been accessed”.

Information on current and former Network Solutions customers may have been exposed by the incident and this includes contact details such as name, address, phone numbers, email address, and details of services contracted.

If the compromised data was to fall into the hands of cybercriminals, then they might easily abuse it to coax Network Solutions customers into disclosing more sensitive information through more convincing phishing scams and similar trickery. This would seem to be the main concern arising from the breach.

Check out the latest data breach news from The Daily Swig

“We encrypt credit card numbers and no credit card data was compromised as a result of this incident”, according to Network Solutions, which added that it plans to further bolster its defenses in response to the breach.

As part of its incident response, Network Solutions has contracted an (unnamed) cybersecurity firm to “determine the scope of the incident” as well as notifying the relevant authorities and working with federal law enforcement.

It is also in the process of notifying affected customers, who are being asked to change their passwords as a precaution. Customer will be required to reset their passwords next time they log into their Network Solutions account.

Both Register.com and Web.com have published near identical breach notices giving the same date and scope of breach as covered by the notice by Network Solutions.

Network Solutions alone handles nearly 7 million domains. It’s not clear how many records might have been exposed through the breach.

The Daily Swig has put in queries on this and related points and will update this story as and when further information comes to hand.

YOU MIGHT ALSO LIKE US healthcare breach may have exposed records of 130,000 Montana patients