Name.com Hacked, Company Resets Customer Passwords
Name.com has started sending out notifications to customers, informing them about a data breach. The company believes that hackers might have accessed usernames, email addresses, encrypted passwords and encrypted credit card information.
The Internet registrar says it stores the private keys needed to access credit card information in a separate remote location that hasn’t been compromised, so it’s unlikely that the cybercriminals can access it in a usable format.
EEP codes, which are required for domain transfers, are also said to be safe, and there’s no evidence to suggest that customer data has been used for fraudulent activities.
As a precaution, all customers are required to reset their passwords before logging in to their accounts. Additional security measures have also been implemented to avoid future incidents.
“It appears that the security breach was motivated by an attempt to gain information on a single, large commercial account at Name.com,” the notification sent to customers reads.
However, there’s more to the story. The Hack The Planet (HTP) group has taken responsibility for the attack.
The hackers claim that Name.com is just one of the many high-profile organizations they’ve targeted, including the National Vulnerability Database, Linode, Xinnet, Melbourne IT, Moniker, MIT, Symantec, and even security firm Sucuri.
In the case of Xinnet, they have allegedly gained access to 5.5 million domains.
HTP says it has targeted Linode to get back at a group that impersonated another crew called “ac1db1tch3z.”
“We quickly switched into a fallback network and found out they used SwiftIRC. SwiftIRC's nameservers were none other than Linode,” the hackers explained.
In the process, they have also breached Name.com, which is Linode’s registrar.
HTP says the Linode worked with the FBI – which had some informants in HTP. Apparently, the FBI was the one who ordered Linode to disclose the breach.
The hackers promised Linode they would “shred” the data obtained from their systems, but the FBI didn’t trust HTP.