Name.com resets passwords after security breach

Domain name registrar and web hosting company Name.com has been hit by a large-scale security breach – which the company said was motivated by an attempt to gain information on one, large commercial account.

The company has reset all passwords as a precaution after the attack, and warned customers that information including usernames, email addresses and passwords, “may have been accessed by unauthorized individuals.”

The company announced via its Twitter feed, “We had some hackers go after a customer. CCs [credit cards] and domains are safe, but you will get an email to change passwords.”

The email said, “It appears that the security breach was motivated by an attempt to gain information on a single, large commercial account at Name.com.”

The attack is the latest in a string of such incidents, with daily deals site LivingSocial, LinkedIn, Zappos and Evernote also having seen customer data accessed or compromised in recent months.

Name.com reassured customers via its Twitter feed that credit card details were protected by 4096 bit RSA encryption.

In an email sent to customers, reported by TheNextWeb, the company said, “Name.com stores your credit card information using strong encryption and the private keys required to access that information are stored physically in a separate remote location that was not compromised. Therefore, we don’t believe that your credit card information was accessed in a usable format.”

“Additionally, your EPP codes (required for domain transfers) were unaffected as they are also stored separately. We have no evidence to suggest that your data has been used for fraudulent activities.”

Author Rob Waugh, We Live Security

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

4 articles related to:
Hot Topic
09 May 2013
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.