Incidents

Web.com, register.com, and Network Solutions were hacked; secure the data of your web domains

Network security specialists report that web hosting services Register.com, Web.com and Network Solutions, were victims of a data breach a couple of months ago, although the incident would have been detected until October 16.

A joint statement mentions that “an
unauthorized third party gained access to a small number of systems at all
three sites during the last days of August 2019. As a result, the information
in these accounts could have been compromised”.

According to network security experts, threat
actors obtained multiple details about users, including:

  • Full
    names
  • Address
    of hosted websites
  • Email
    addresses
  • Phone
    numbers
  • Services
    hired at each hosting site

As a security measure, Web.com will ask all of
its users to perform a password reset; however, a company representative
mentioned that password encryption is a standard practice on this platform, so
the users’ access keys remained protected during the incident: “We don’t
believe that the information was exposed as a specific result of this
incident,” the spokesman added.

It was also specified that the payment card
data of the users were not exposed during this incident, as this information is
operated by a certified third party. The company claims that the data breach
has already been notified to the competent authorities. However, the company
mentions that users should not let their guard down and remain alert to any
suspicious activity on their bank accounts, especially of those online.

Finally, network security specialists from the
International Institute of Cyber Security (IICS) mention that the danger
remains latent, as the threat actors in charge of this attack could use the
compromised information to deploy spear
phishing
campaigns.

In addition, they advise users of any of these
web hosting services not to wait for instructions from companies and reset
their login credentials as soon as possible. Upon the possible launch of a
sophisticated phishing campaign, users are also advised to ignore
suspicious-looking emails as well as attachments or links to external sites
they might receive.

Comments
To Top

Pin It on Pinterest

Share This