Bottle Domains customers caught in security scare

Powered by SC Magazine
 

The Australian Federal Police is investigating a security breach at Australian registrar Bottle Domains that may have exposed an unknown number of account and domain name passwords.

Several calls placed by iTnews to Bottle today were not returned.

But in a letter issued to customers today, Bottle said that "a number" of its accounts had been targeted and that it had "updated" both the account and domain name passwords for its customer base "as a precautionary measure".

"Whilst strict security is in place, we have taken further measures to enhance and protect your security, including human verification of important registry updates," Andrew Steven, general manager at Bottle Domains, said in the letter.

"We are working in conjunction with the Australian Domain Administrator, relevant authorities, and independent security experts to review and consider even further measures to protect your important data".

The Australian Domain Administrator, auDA, has confirmed the breach took place.

auDA chief Chris Disspain said that Bottle had been instructed to change passwords and conduct an independent security audit of its operating systems.

"auDA is working with Bottle Domains to manage any security risks arising from the incident, and has today sent email notification to customers of Bottle Domains," Disspain said.

"Whilst the AFP investigation is ongoing, it is inappropriate for auDA to make any further comment. However, auDA will take further action as necessary when the investigation is completed."

Domain Central is also understood to have reset passwords following the breach.

Calls to Domain Central's main customer support number went directly to voicemail.

But in a separate email to customers, the company's customer service team said it had "no indication" of any accounts being directly affected by the breach.

"We have been made aware of a security attack on another Domain Registrar owned and operated by Domain Central¹s parent company, and although we have no indication that any Domain Central accounts are affected, and note that Domain Central is on an independent platform to this Registrar, we feel that as a matter of prudency, greater security measures are justified," the email said.

"Over the near future Domain Central will be introducing new account features which improve security and awareness of changes to your services, in our continuing effort to improve features and the security of our customer¹s critical services."

More to come


Bottle Domains customers caught in security scare
 
 
 
Top Stories
Time management tips for CIOs
[Blog post] How to get to the genba.
 
Making a case for collaboration
[Blog post] Tap into your company’s people power.
 
Five zero-cost ways to improve MySQL performance
How to easily boost MySQL throughput by up to 5x.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  69%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  10%
 
Denial of service attacks
  6%
 
Insider threats
  11%
TOTAL VOTES: 1109

Vote