• Home
  • About Us
  • Contact
  • Advertise
  • Awards
  • Privacy Policy
  • Twitter
  • Facebook
  • RSS
TheDomains.com

Name.com Tells Customers To Change Password Due To Breach

May 8, 2013 by Michael Berkens

Name.com sent an email to customers today regarding a potential security breach. The compromised data was said to potentially include usernames, email addresses, encrypted passwords, and encrypted credit card data.

The official notice read:

Name.com recently discovered a security breach where customer account information including usernames, email addresses, and encrypted passwords and encrypted credit card account information may have been accessed by unauthorized individuals. It appears that the security breach was motivated by an attempt to gain information on a single, large commercial account at Name.com.

Name.com stores your credit card information using strong encryption and the private keys required to access that information are stored physically in a separate remote location that was not compromised. Therefore, we don’t believe that your credit card information was accessed in a usable format. Additionally, your EPP codes (required for domain transfers) were unaffected as they are also stored separately. We have no evidence to suggest that your data has been used for fraudulent activities.

As a response to these developments, and as a precautionary measure, we are requiring that all customers reset their passwords before logging in. If you use your previous Name.com password in other online systems, we also strongly recommend that you change your password in each of those systems as well.

We take this matter very seriously. We’ve already implemented additional security measures and will continue to work diligently to protect the safety and security of your personal information.

We sincerely apologize for the inconvenience. If you need any additional assistance or have any questions please email customercare@name.com. We’ll continue to be as open and honest with you as possible as additional important information becomes available, so keep your eye out for a blog post or additional emails.

Thanks,
The Name.com Team

Filed Under: Uncategorized

About Michael Berkens

Michael Berkens, Esq. is the founder and Editor-in-Chief of TheDomains.com. Michael is also the co-founder of Worldwide Media Inc. which sold around 70K domain to Godaddy.com in December 2015 and now owns around 8K domain names . Michael was also one of the 5 Judges selected for the the Verisign 30th Anniversary .Com contest.

« DomainAgents.com Helps Startup Acquire Dream Domain Radius.com For $100K
Network Solutions Seizes Over 700 Domain Names & Sites Associated To Syrian President »

Comments

  1. Acro says

    May 8, 2013 at 1:31 pm

    At which point will be registrars held accountable for such loss of personal data?

  2. BullS says

    May 8, 2013 at 1:47 pm

    “At which point will be registrars held accountable for such loss of personal data?”

    The answer is NO-because they don’t have to and they can get away with anything they want. Like any politicians and businesses, they can do whatever they want knowing the fact that they won’t be any consequences against them.

  3. BullS says

    May 8, 2013 at 1:49 pm

    they =there

    The only way to fight back is the $$$ in your pants.

    Don’t vote for them and don’t do business with with them- vote with your $$$ in your pants.

  4. Alan says

    May 8, 2013 at 1:56 pm

    I found out that my account there was hacked into by someone in Bronx, NY on March 10th,
    but everything seems to be okay.

  5. Brands-and-Jingles says

    May 8, 2013 at 2:35 pm

    Now imagine someone hacked DLS or MLS… how many names would shift hands in a matter of a second?

    Registrar should be more stringent when it comes to security.

  6. cctlddk says

    May 8, 2013 at 2:55 pm

    Good thing Name had the credit cards encrypted.

    Last year in september one of the retailers where i shop got hacked into. Credit Card info was heavilly encrypted but the email said keep an eye out.
    4 Months later my credit card was blocked since it was being used in high risk countries and lucky for me the bank refused all transactions.

    A week later i got an email from the retailer again that they had strong indications the encryption was broken and i should be aware of unusual transactions.

    Lesson learned, i never let any retailer, webshop have my credit card info onfile, even if it is encrypted. And if the payment process does not include an RSA keycard reader procedure i will not even shop there.

  7. Ryan Jenkins says

    May 8, 2013 at 3:04 pm

    This is funny, because I couldn’t log into my account at name today, before this article, I had to do a password reset, wtf serious stuff here name

  8. BullS says

    May 8, 2013 at 3:35 pm

    Blame it on N.Korea, China, Iraq, Russia and etc

  9. BrianWick says

    May 8, 2013 at 3:39 pm

    Hi Ryan –
    I keep an account at Name.com as well – and could not log in either – so I had to reset the password.
    I never got an email from Name.com as to the breach – searched my delete and junk folders as well.
    They may have just reset all the passwords instead of sending the email ?

  10. Jeff Schneider says

    May 8, 2013 at 3:51 pm

    Hello MHB,

    Was Moniker hacked as well?

    Gratefully, JeffSchneider (Contact Group0 (Metal Tiger)

  11. Michael Berkens says

    May 8, 2013 at 3:56 pm

    Jeff

    According to this story they were but haven’t gotten any confirmation:

    http://www.domainnamenews.com/registrars/hackers-break-in-to-prominent-domain-registrars-moniker-melbourne-it-name-com-and-xinnet/22534

  12. Michael Berkens says

    May 8, 2013 at 4:10 pm

    Guys

    We just got a notice for our own name.com account just minutes ago and hours after we posted the notice that another customer received.

    Therefore the notices seem to still be going out

  13. Ryan Jenkins says

    May 8, 2013 at 6:41 pm

    Name is all messed up, I was trying to move some names from another registar into name, and the system is down. Looks like they have taken some functions offline, bigger than we think.

  14. BrianWick says

    May 8, 2013 at 6:48 pm

    Disgruntled employee over the demand media purchase ?
    I would have to think – as a precaution – if there are any transfers out in process – they would be cancelled and the owner would be forced to reinitiate them ?

  15. Domo Sapiens says

    May 8, 2013 at 7:34 pm

    If I am reading correctly (Domain Name Wire) this happened late last year…

    if so and all things considered ….

    Shame on them.

  16. Dave Zan says

    May 8, 2013 at 11:16 pm

    At which point will be registrars held accountable for such loss of personal data?

    If someone demonstrates direct material loss due to this incident, probably.

    The answer is NO-because they don’t have to and they can get away with anything they want. Like any politicians and businesses, they can do whatever they want knowing the fact that they won’t be any consequences against them.

    To be arguably fair, Name.com acknowledged the breach, apologized for it, and stated what they’re doing. But, I guess that’s not enough, even though they risk ire from some people?


Recent Articles

  • Sedo weekly domain name sales led by ThisAV.com
  • CentralNic 2022 gross revenue of about USD728 million
  • Is The Rock going into politics? A couple domain name registrations point in that direction

Recent Comments

  • Charles on What is a fair sales commission rate?
  • zakaria on What is a fair sales commission rate?
  • Steve on What is a fair sales commission rate?
  • Steve on ChatGPT.net sells for $8,900 at DAN.com
  • Snoopy on What is a fair sales commission rate?

Categories

Archives

Copyright ©2022 TheDomains.com — Published by Worldwide Media, Inc. — Site by Nuts and Bolts Media