
Stories From An IT Security Professional

Domain Registrar Name.com has User Database Breached


Late last night, Name.com, one of the largest domain registrars on the Internet, informed its customers of a database breach:

Dear ________,

We are writing to inform you of a security measure we have taken to protect the integrity of the domain names and information associated with your account.

Name.com recently discovered a security breach where customer account information including usernames, email addresses, and encrypted passwords and encrypted credit card account information may have been accessed by unauthorized individuals. It appears that the security breach was motivated by an attempt to gain information on a single, large commercial account at Name.com.

Name.com stores your credit card information using strong encryption and the private keys required to access that information are stored physically in a separate remote location that was not compromised. Therefore, we don’t believe that your credit card information was accessed in a usable format. Additionally, your EPP codes (required for domain transfers) were unaffected as they are also stored separately. We have no evidence to suggest that your data has been used for fraudulent activities.

As a response to these developments, and as a precautionary measure, we are requiring that all customers reset their passwords before logging in. If you use your previous Name.com password in other online systems, we also strongly recommend that you change your password in each of those systems as well.

Please click the link below to reset your password:
https://www.name.com/account/reset/xxxxx

We take this matter very seriously. We’ve already implemented additional security measures and will continue to work diligently to protect the safety and security of your personal information.

We sincerely apologize for the inconvenience. If you need any additional assistance or have any questions please email customercare@name.com. We’ll continue to be as open and honest with you as possible as additional important information becomes available, so keep your eye out for a blog post or additional emails.

Thanks,

The Name.com Team

Several interesting bits of information can be found in this email. For one, they state that attackers could have gained access to usernames, email addresses, encrypted passwords and encrypted credit card details. All of this is sensitive information, even though some of the data is encrypted (we have no idea how the data was encrypted, which algorithms were used, and so on). Attackers are certainly already trying to decrypt all that data, or they have sold it in bulk and somebody else is decrypting it.

Another highly interesting thing is the statement that the attack was most likely executed to gain access to a single, large commercial account. We can only speculate who that might have been.

As a final note, it is always a very good idea not to use the same password on several accounts. Create a random, unique password for every service you use, and store them in a secure container. Personally, I use 1Password, which can be synchronised with my mobile device and my computers.

Have you also been a victim of the Name.com database breach? Let us know in the comments.
