BreachExchange mailing list archives
Name.com Tells Customers To Change Password Due To Breach
From: Erica Absetz <erica () riskbasedsecurity com>
Date: Thu, 9 May 2013 10:03:06 -0400
http://www.thedomains.com/2013/05/08/name-com-tells-customers-to-change-password-due-to-breach/ Name.com sent an email to customers today regarding a potential security breach. The compromised data was said to potentially include usernames, email addresses, encrypted passwords, and encrypted credit card data. The official notice read: Name.com recently discovered a security breach where customer account information including usernames, email addresses, and encrypted passwords and encrypted credit card account information may have been accessed by unauthorized individuals. It appears that the security breach was motivated by an attempt to gain information on a single, large commercial account at Name.com. Name.com stores your credit card information using strong encryption and the private keys required to access that information are stored physically in a separate remote location that was not compromised. Therefore, we don’t believe that your credit card information was accessed in a usable format. Additionally, your EPP codes (required for domain transfers) were unaffected as they are also stored separately. We have no evidence to suggest that your data has been used for fraudulent activities. As a response to these developments, and as a precautionary measure, we are requiring that all customers reset their passwords before logging in. If you use your previous Name.com password in other online systems, we also strongly recommend that you change your password in each of those systems as well. We take this matter very seriously. We’ve already implemented additional security measures and will continue to work diligently to protect the safety and security of your personal information. We sincerely apologize for the inconvenience. If you need any additional assistance or have any questions please email customercare () name com. We’ll continue to be as open and honest with you as possible as additional important information becomes available, so keep your eye out for a blog post or additional emails. Thanks, The Name.com Team _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Name.com Tells Customers To Change Password Due To Breach Erica Absetz (May 09)