Bottle Domains customers caught in security scare

Powered by SC Magazine
 

The Australian Federal Police is investigating a security breach at Australian registrar Bottle Domains that may have exposed an unknown number of account and domain name passwords.

Several calls placed by iTnews to Bottle today were not returned.

But in a letter issued to customers today, Bottle said that "a number" of its accounts had been targeted and that it had "updated" both the account and domain name passwords for its customer base "as a precautionary measure".

"Whilst strict security is in place, we have taken further measures to enhance and protect your security, including human verification of important registry updates," Andrew Steven, general manager at Bottle Domains, said in the letter.

"We are working in conjunction with the Australian Domain Administrator, relevant authorities, and independent security experts to review and consider even further measures to protect your important data".

The Australian Domain Administrator, auDA, has confirmed the breach took place.

auDA chief Chris Disspain said that Bottle had been instructed to change passwords and conduct an independent security audit of its operating systems.

"auDA is working with Bottle Domains to manage any security risks arising from the incident, and has today sent email notification to customers of Bottle Domains," Disspain said.

"Whilst the AFP investigation is ongoing, it is inappropriate for auDA to make any further comment. However, auDA will take further action as necessary when the investigation is completed."

Domain Central is also understood to have reset passwords following the breach.

Calls to Domain Central's main customer support number went directly to voicemail.

But in a separate email to customers, the company's customer service team said it had "no indication" of any accounts being directly affected by the breach.

"We have been made aware of a security attack on another Domain Registrar owned and operated by Domain Central¹s parent company, and although we have no indication that any Domain Central accounts are affected, and note that Domain Central is on an independent platform to this Registrar, we feel that as a matter of prudency, greater security measures are justified," the email said.

"Over the near future Domain Central will be introducing new account features which improve security and awareness of changes to your services, in our continuing effort to improve features and the security of our customer¹s critical services."

More to come


Bottle Domains customers caught in security scare
 
 
 
Top Stories
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
The CISO’s dilemma: Do you trust your partner’s partner?
[Blog post] How far down the chain do you check?
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 319

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  57%
 
No
  43%
TOTAL VOTES: 122

Vote