Another significant data breach has emerged, this time targeting Web.com and its subsidiaries, Network Solutions and Register.com. These companies are major players in the domain registration sector, serving millions of customers globally who rely on them for domain services.
The breach, disclosed recently, poses potential risks to customers’ account information. Founded in 1999 and based in Jacksonville, Florida, Web.com oversees Network Solutions and Register.com, providing essential services including web hosting and site design that empower users to create their online presence.
The incident reportedly occurred in late August 2019 when an unauthorized third party gained access to a limited portion of the company’s computer systems. It’s been revealed that millions of records belonging to both current and former clients were accessed. Web.com disclosed that it became aware of the intrusion by October 16, 2019, but did not elaborate on the method of the attack.
Among the compromised information are customers’ contact details such as names, addresses, phone numbers, and email addresses, along with specifics about services utilized. However, officials have confirmed that credit card data remains secure, as it is encrypted in compliance with Payment Card Industry (PCI) standards. This assurance is crucial as it significantly mitigates potential financial implications for those affected.
In the wake of this breach, the companies have swiftly acted to tighten security measures and are currently conducting a thorough investigation with a reputable independent cybersecurity firm to understand the breach’s extent. Furthermore, federal law enforcement has been notified, and the registrars are reaching out to affected customers to communicate necessary steps.
For those potentially impacted, it is advisable to change not only their Web.com, Network Solutions, and Register.com account passwords but also passwords for any other accounts that share the same credentials. The companies have indicated that additional security measures have been adopted for customer accounts and mentioned in a breach notice that a password reset will be required at the next login.
Despite no direct financial data being compromised, customers should remain vigilant and watch for phishing attempts as cybercriminals often exploit breaches to propagate further attacks. Furthermore, while the incident lacks financial data exposure, it is prudent for all users to monitor their banking and payment statements for any unusual activity.
This breach is not an isolated incident for Web.com; the company previously faced a notable data breach in August 2015, which impacted nearly 93,000 customers when personal and credit card information was compromised.
From a cybersecurity perspective, the attack illustrates a range of tactics, including initial access and potential privilege escalation. The MITRE ATT&CK framework suggests that adversaries may have employed techniques such as exploiting legitimate credentials or leveraging access to execute further malicious activities. Companies should remain aware of these methodologies when reviewing their cybersecurity practices and incident response protocols.
Being informed and prepared is essential in today’s digital landscape, especially for businesses reliant on the integrity of their customer data.
