The world's top domain registrars Web.com, Network Solutions, and Register.com disclosed a security breach that may have resulted in the theft of customers' account information.
Founded in 1999 and headquartered in Jacksonville, Florida, Web.com is a leading web technology company that owns both Network Solutions and Register.com. The companies offer web services like web hosting, website design, and online marketing to help people build their own websites.
What happened? — In late August 2019, a third-party gained unauthorized access to a "limited number" of the company's computer systems and reportedly accessed millions of records for accounts of current and former customers with Web.com, Network Solutions, and Register.com.
The company said it became aware of the security intrusion only on October 16, 2019, but did not disclose any details on how the incident happened.
What type of information was compromised? — According to the affected domain registrars, the stolen information includes contact details of their customers, such as:
- Phone numbers
- Email addresses
- Information about the services offered to a customer.
What type of information was not compromised? — The companies also confirmed that no credit card information was compromised as a result of the security breach incident since they claim to encrypt their customers' credit card numbers before storing them on their databases.
"We store credit card numbers in a PCI (Payment Card Industry) compliant encryption standard and do not believe your credit card information is vulnerable as a specific result of this incident," reads a breach notice published on websites of Web.com, Network Solutions, and Register.com.
Fight AI with AI — Battling Cyber Threats with Next-Gen AI Tools
Ready to tackle new AI-driven cybersecurity challenges? Join our insightful webinar with Zscaler to address the growing threat of generative AI in cybersecurity.Supercharge Your Skills
To be noted, the passwords for account logins of affected customers were also not compromised, which otherwise could have allowed attackers to permanently hijack domain names by transferring them to an account owned by attackers with a separate service.
What are the affected companies now doing? — The companies took necessary steps to stop the security intrusion upon discovery and immediately launched an investigation by engaging a leading independent cybersecurity firm to determine the scope of the incident.
The companies have also notified all the relevant authorities and already started working with federal law enforcement.
All three affected domain registrars are also in the process of contacting affected customers through email and via their websites.
What affected customers should do now? — As a precaution, affected customers are encouraged to change passwords for their Web.com, Network Solutions, and Register.com accounts and for any other online account where you use the same credentials.
Do it even if you are not affected—just to be on the safer side.
"We have already taken additional steps to secure your account, and there is nothing you need to do at this time. The next time you log in to your account, you will be required to reset your password," the domain registrars recommend.
Since the exposed data includes personal identifying information (PII), affected customers should mainly be suspicious of phishing emails, which are usually the next step of cybercriminals in an attempt to trick users into giving away their passwords and credit card information.
Although the data breach did not expose any financial information, it is always a good idea to be vigilant and keep a close eye on your bank and payment card statements for any unusual activity and report to the bank if you find any.
This is not the first time Web.com has disclosed a security incident. In August 2015, the company suffered a major data breach that had compromised personal and credit card information belonging to nearly 93,000 customers.