Name.com - Security Notice: Password Reset‏

[htmlindex]

I just got this email today. Apparently Name.com has had their systems hacked. Does anyone else know more about this? This seems very concerning.

We are writing to inform you of a security measure we have taken to protect the integrity of the domain names and information associated with your account.

Name.com recently discovered a security breach where customer account information including usernames, email addresses, and encrypted passwords and encrypted credit card account information may have been accessed by unauthorized individuals. It appears that the security breach was motivated by an attempt to gain information on a single, large commercial account at Name.com.

Name.com stores your credit card information using strong encryption and the private keys required to access that information are stored physically in a separate remote location that was not compromised. Therefore, we don't believe that your credit card information was accessed in a usable format. Additionally, your EPP codes (required for domain transfers) were unaffected as they are also stored separately. We have no evidence to suggest that your data has been used for fraudulent activities.

As a response to these developments, and as a precautionary measure, we are requiring that all customers reset their passwords before logging in. If you use your previous Name.com password in other online systems, we also strongly recommend that you change your password in each of those systems as well.

Please click the link below to reset your password:
https://www.name.com/account/reset/**************************

We take this matter very seriously. We've already implemented additional security measures and will continue to work diligently to protect the safety and security of your personal information.

We sincerely apologize for the inconvenience. If you need any additional assistance or have any questions please email [email protected]. We'll continue to be as open and honest with you as possible as additional important information becomes available, so keep your eye out for a blog post or additional emails.

Thanks,
The Name.com Team

 

[lothos]

Does anyone else know more about this?

It's legit, change your password.

Moniker and Melbourne IT just got hacked too. Moniker never bothered to email me. The nice folks at Name.com did, and they stepped up their security. It can happen to anyone. Name.com has a security fob that I use, I would suggest everyone else do the same.

 

[htmlindex]

It's legit, change your password.

Moniker and Melbourne IT just got hacked too. Moniker never bothered to email me.

Yeah, never got an email from Moniker either.

 

[mrcurly]

I keep on getting one from outlook asking me to "log back in", If I have my outlook account open for more than 6 hours, not sure if that should happen

 

[lincolndsp]

thanks for the heads up.
though it's late still deleted my credit card profiles. hope the hackers won't decrypt those cards and cvvs

 

[JFS]

there's already a topic talking about this on industry news....
http://www.namepros.com/industry-news/792622-name-com-urges-customers-change-password.html

 

[Mobiller]

I got my one yesterday and it was a legit one, so I just updated my password as instructed on the email.

 

[alien51]

Moniker never bothered to email me.

They only have 3 employees at Moniker. The third guy is a security guard. And the 2nd guy is an intern.

 

[dragtastic]

Great - This is such a pain in the @ss

 

[Havela]

thanks for the heads up.
though it's late still deleted my credit card profiles. hope the hackers won't decrypt those cards and cvvs

You and me both.

I just don't understand why so many online businesses insist on accepting cards on their own amateurish platforms. At least they could allow PayPal in addition, so customers could choose. I would SO prefer to use PayPal every time I shop online. They are specialists on online payment and security, and then these other businesses could concentrate on what they do best.

I will never forget when my credit card details (and main domain email address) were lifted off SnapNames. SnapNames even require you to give your credit card details when registering - what sort of customer service is that? I have never dared go near them since.

Thankfully my bank covered the hit on my credit card, but the email address was abused for spoofing which again led to blacklisting, and to this day my main business website has never recovered in Google. Unfortunately, it is irreplaceable.

These days, I always use Gmail and PayPal wherever I can.

 

[Kate]

PayPal have had security flaws from time to time too.
They even have a bug bounty program.
The problem with PayPal is that they are a law unto themselves and sometimes decide to limit your account for arbitrary reasons.

If I remember well the hackers are those who breached Linode recently, not sure if they were able to gain a foothold on the websites as a result.

In the case of name.com, it appears to be yet another SQL injection exploit.

 

[angel69]

Where did you guys see Moniker got hacked ? First I hear of this. Just what those people need. Even more bad press

Having any names at Moniker these days has become just nerve wracking

 

[Kate]

Actually it was Oversee.

Melbourne IT also suffered a breach at the same time.

 

[lothos]

Where did you guys see Moniker got hacked ? First I hear of this. Just what those people need. Even more bad press

Having any names at Moniker these days has become just nerve wracking

http://www.domainnamenews.com/regis...oniker-melbourne-it-name-com-and-xinnet/22534

 

[angel69]

thanks, lothos

amazing that moniker did not bother to email customers, no wonder so many are deserting them

nice avatar too !

http://www.domainnamenews.com/regis...oniker-melbourne-it-name-com-and-xinnet/22534