Hackers hit domain registrar, access credit card data and passwords

Share this article:

A Denver-based domain name provider has suffered a breach where customers' personal data, including encrypted passwords and credit card information, was compromised.

On Wednesday, Name.com notified customers by email about the incident. The company said the breach appeared to be an attempt by an intruder to “gain information on a single, large commercial account at Name.com,” though an undisclosed number of customers were impacted in the process.

A Name.com customer posted the email on a community forum called MyBB on Wednesday.

“Name.com recently discovered a security breach where customer account information including usernames, email addresses, and encrypted passwords and encrypted credit card account information may have been accessed by unauthorized individuals,” the email said. The company added that it stores customer credit card data using a “strong encryption" method and that the private keys required to access the information are stored “physically in a separate remote location that was not compromised.”

Due to the security measure, the company said that it didn't believe customer credit card data could be accessed “in a usable format” by an attacker. Following the breach, Name.com has required all customers to reset their passwords.

On Thursday, SCMagazine.com reached out to Name.com, but did not immediately hear back from the company.

Name.com is the latest among a number of companies to be hit by breaches in recent weeks, including Reputation.com, a Redwood City, Calif.-based business that manages users' online reputation.

Reputation.com told customers that its systems were breach last Tuesday via email, and revealed that customer names, emails and physical addresses, and in some instances, phone numbers, dates of birth and job information were accessed. Encrypted user passwords, which where salted then hashed as an added layer of security, were also compromised.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in News

Sign up to our newsletters

More in News

Reported breaches involving zero-day bug at JPMorgan Chase, other banks

Reported breaches involving zero-day bug at JPMorgan Chase, ...

Hackers exploited a zero-day vulnerability and gained access to sensitive information from JPMorgan Chase and at least four other financial institutions, reports indicate.

Data on 97K Bugzilla users posted online for about three months

During a migration of the testing server for test builds of Bugzilla software, data on about 97,000 Bugzilla users was inadvertently posted publicly online.

Chinese national had access to data on 5M Arizona drivers, possible breach ...

Although Lizhong Fan left the U.S. in 2007, the agencies responsible for giving him access to Americans' personal information have yet to disclose the details of the case to the public.