Hackers steal credit card data, passwords from domain registrar

By on
Hackers steal credit card data, passwords from domain registrar

Says its encryption is sufficient.

Customer personal data including encrypted passwords and credit card information has been stolen following a breach of domain provider Name.com.

The registrar notified customers by email and said the breach appeared to be an attempt by an intruder to “gain information on a single, large commercial account at Name.com.”

It was not known how many customers were affected.

“Name.com recently discovered a security breach where customer account information including usernames, email addresses, and encrypted passwords and encrypted credit card account information may have been accessed by unauthorized individuals,” the email said.

The company added that it stores customer credit card data using a “strong encryption" method and that the private keys required to access the information are stored “physically in a separate remote location that was not compromised”.

It said the encrypted card data would be likely useless to attackers.

Name.com has required all customers to reset their passwords.

SC reached out to Name.com, but did not immediately hear back from the company.

Name.com is the latest among a number of companies to be hit by breaches in recent weeks, including Reputation.com, a Californian business that manages users' online reputation.

Reputation.com told customers that its systems were breach last Tuesday via email, and revealed that customer names, emails and physical addresses, and in some instances, phone numbers, dates of birth and job information were accessed.

Encrypted user passwords, which where salted then hashed as an added layer of security, were also compromised.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition

Most Read Articles

Log In

  |  Forgot your password?