NameSilo

Afternic just notified me of a breach

Labeled as security in Domain Industry News, started by Mister Funsky, Feb 22, 2021

Replies:
60
Views:
3,272

  1. Mister Funsky

    Mister Funsky Top Contributor VIP

    Posts:
    5,019
    Likes Received:
    18,788
    So, did anyone else get this notice?

    Dear xxxxxxxxxxx ,

    We want to make you aware of a security incident we recently identified.

    On Thursday, February 12, a security researcher contacted us about a potential issue with a Web API. We immediately opened an investigation and found a misconfigured server accessible though the API. Using this API, the security researcher crafted a specific request that returned information from other customer accounts.

    Through our audits, we identified this specific API call was run against a small segment of our customers’ accounts. Unfortunately, your information may have been viewed using this call, which includes your first name, last name, email address, physical address, telephone number, and your Afternic username. At no point was your password or credit card information at risk.

    As soon as we identified the issue, we removed the server from rotation, securing our API infrastructure.

    Please monitor for any suspicious communications that may come from third parties through the contact details that were on your Afternic account (e.g. email/telephone number).

    We are very sorry this incident happened. Protecting the privacy of our customers is our top priority and we let you down in this instance. Our team is committed to preventing these types of incidents in the future and we’ll always be forthcoming in our communications with you.

    If you have any questions, please email [email protected].

    Best regards,
    The Afternic Team
     
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. Mister Funsky

    Mister Funsky Top Contributor VIP

    Posts:
    5,019
    Likes Received:
    18,788
    Whew...I thought it was something bad. <sarcasm>

    According to Afternic, all they got was my legal name, email address, physical address and phone number.
    At least they are sorry and they were forthcoming...10 days after the hack.
     
  3. boziffous

    boziffous Established Member ★★★★★★★★★★

    Posts:
    193
    Likes Received:
    322
  4. infmoney

    infmoney Top Contributor VIP

    Posts:
    1,389
    Likes Received:
    853
    I just got the email as well. Maybe that's why I'm receiving more spam calls and emails than usual??
     
  5. pb

    pb Top Contributor VIP ★★★★★★★★★★

    Posts:
    880
    Likes Received:
    2,255
    I didn't get that e-mail, so maybe they only sent the info to those actually affected?
    Anyway the website looks ancient, so probably the backend is outdated too. :-/
     
  6. bmugford

    bmugford www.DataCube.com PRO VIP ICA Member ★★★★★★★★★★

    Posts:
    12,193
    Likes Received:
    19,617
  7. AEProgram

    AEProgram Top Contributor VIP Blue Account

    Posts:
    1,764
    Likes Received:
    3,495
    major kudos to them for being upfront and not waiting to announce things. This happens to companies of all sizes, the good news is domainers are more prepped for scammers than pretty much anyone else. We get targeted with schemes all the time.
     
  8. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    567
    Likes Received:
    1,649
    New outbound: "Hello Real N. Ame, I got your email address though the Godaddy API. Let's meet today at your place to discuss some great domain alternatives I'd like to liquidate this week. Can I call you now?"
     
  9. GTBAAA

    GTBAAA Established Member

    Posts:
    54
    Likes Received:
    96
    @Joe Styler was serious when he said "there is a lot going on at Afternic"... Shaking my head...
     
  10. pb

    pb Top Contributor VIP ★★★★★★★★★★

    Posts:
    880
    Likes Received:
    2,255
    A new business emerges: dating site for domainers, thousands signed up from day one (without knowing). :whistle:

    "Meet hot domainers from your area." :xf.love:
     
    Last edited: Feb 22, 2021
  11. carob

    carob Top Contributor VIP ★★★★★★★★★★

    Posts:
    3,719
    Likes Received:
    4,868
    Last edited: Feb 22, 2021
  12. Embrand

    Embrand Top Contributor VIP ICA Member ★★★★★★★★★★

    Posts:
    1,559
    Likes Received:
    1,561
  13. carob

    carob Top Contributor VIP ★★★★★★★★★★

    Posts:
    3,719
    Likes Received:
    4,868
    Would that be namehos?
     
  14. carob

    carob Top Contributor VIP ★★★★★★★★★★

    Posts:
    3,719
    Likes Received:
    4,868
    Yes and someone told them their servers look better dressed in breeches so full marks to them for trying:
    https://en.wikipedia.org/wiki/Breeches
     
  15. GTBAAA

    GTBAAA Established Member

    Posts:
    54
    Likes Received:
    96
    So funny, AfternicSucks dot com is forwarded to Afternic dot com. First time I have seen that. Usually companies buy and bury....

    Not Afternic - they want the people who believe they suck to have a seamless gateway to their real site.
     
    Last edited: Feb 22, 2021
  16. domaineed

    domaineed Established Member

    Posts:
    661
    Likes Received:
    409
  17. The Durfer

    The Durfer Top Contributor VIP Gold Account

    Posts:
    9,108
    Likes Received:
    13,100
  18. Future Sensors

    Future Sensors 78% of human domainers will be replaced by robots Gold Account

    Posts:
    567
    Likes Received:
    1,649
    Not yet received the email about the breach. When did you all receive the email?
     
  19. LUP

    LUP Top Contributor VIP

    Posts:
    2,848
    Likes Received:
    697
  20. boziffous

    boziffous Established Member ★★★★★★★★★★

    Posts:
    193
    Likes Received:
    322
    55 minutes ago
     
  21. Mister Funsky

    Mister Funsky Top Contributor VIP

    Posts:
    5,019
    Likes Received:
    18,788
    Just a couple of mins before I made the first post.
     
  22. sharfab

    sharfab Established Member

    Posts:
    613
    Likes Received:
    1,461
    I have not got the email yet...
     
  23. ddesigns

    ddesigns Established Member ★★★★★★★★★★

    Posts:
    2,034
    Likes Received:
    181
    Received similar mail 1 hour back.
     
  24. suitedbrand

    suitedbrand Established Member

    Posts:
    17
    Likes Received:
    38
    Found the data leak by concidence when I was visiting one of my listings. There was a link to my profile that contained my username, even though I opted to hide it via the privacy settings.

    So I looked closer, opened the network tab of my browser and was surprised to find the said API call that returned not only my username, but a lot of other personal and account related information too.

    In order to validate the leak was not related to my account only, I visited a few listings of other sellers and was able to retrieve the same information about them.

    I reported the issue and after @Paul Nicks read my message it was fixed pretty quickly.

    Probably everyone received the email who had visitors who happened to use the "misconfigured server" on their listing pages because this triggered the API call in the background.
     
  25. MHExplorer

    MHExplorer Established Member

    Posts:
    100
    Likes Received:
    83
    What about the bank details (payout details). All gone.
     

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!
NameWorth
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...