Hackers hit domain registrar, access credit card data and passwords

Share this article:

A Denver-based domain name provider has suffered a breach where customers' personal data, including encrypted passwords and credit card information, was compromised.

On Wednesday, Name.com notified customers by email about the incident. The company said the breach appeared to be an attempt by an intruder to “gain information on a single, large commercial account at Name.com,” though an undisclosed number of customers were impacted in the process.

A Name.com customer posted the email on a community forum called MyBB on Wednesday.

“Name.com recently discovered a security breach where customer account information including usernames, email addresses, and encrypted passwords and encrypted credit card account information may have been accessed by unauthorized individuals,” the email said. The company added that it stores customer credit card data using a “strong encryption" method and that the private keys required to access the information are stored “physically in a separate remote location that was not compromised.”

Due to the security measure, the company said that it didn't believe customer credit card data could be accessed “in a usable format” by an attacker. Following the breach, Name.com has required all customers to reset their passwords.

On Thursday, SCMagazine.com reached out to Name.com, but did not immediately hear back from the company.

Name.com is the latest among a number of companies to be hit by breaches in recent weeks, including Reputation.com, a Redwood City, Calif.-based business that manages users' online reputation.

Reputation.com told customers that its systems were breach last Tuesday via email, and revealed that customer names, emails and physical addresses, and in some instances, phone numbers, dates of birth and job information were accessed. Encrypted user passwords, which where salted then hashed as an added layer of security, were also compromised.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in News

Sign up to our newsletters

TOP COMMENTS

More in News

Adobe exploit used to spread Dyre credential stealer

Adobe exploit used to spread Dyre credential stealer

Users running vulnerable Adobe software could be in danger of having credentials for Bitcoin websites stolen.

Staples is investigating a potential issue involving credit card data

Staples is investigating a potential issue involving credit ...

The company said it is investigating a potential issue involving credit card data and that customers are not responsible for fraudulent activity on cards if an issue is discovered.

Skills set a priority over legacy prejudices, experts say

Skills set a priority over legacy prejudices, experts ...

Cybersecurity expert Winn Schwartau and Robert Clark, a cyber law attorney at the Army Cyber Institute, discussed issues around hiring in the information security industry.