Hack the Planet, the same group which hacked Linode just a few weeks ago, also hacked in to the name.com servers. This news comes with a chain of allegations claimed by HTP ( Hack The Planet ) . According to HTP and to put a long story short, they wanted to break in to a IRC network called swiftIRC and to do that they needed to hack in to the Linode because its the host of SwiftIRC. So to break in to the Linode they decided to break in to Name.com and acquire the linode.com domain. So they broke in to name.com and also at the same time one of HTP’s member found about a cold fusion exploit and they gained access to linode by using that.
Name.com promptly sent an email to their clients asking to reset their login passwords, Here is the email
We are writing to inform you of a security measure we have taken to protect the integrity of the domain names and information associated with your account.
Name.com recently discovered a security breach where customer account information including usernames, email addresses, and encrypted passwords and encrypted credit card account information may have been accessed by unauthorized individuals. It appears that the security breach was motivated by an attempt to gain information on a single, large commercial account at Name.com.
Name.com stores your credit card information using strong encryption and the private keys required to access that information are stored physically in a separate remote location that was not compromised. Therefore, we don’t believe that your credit card information was accessed in a usable format. Additionally, your EPP codes (required for domain transfers) were unaffected as they are also stored separately. We have no evidence to suggest that your data has been used for fraudulent activities.
As a response to these developments, and as a precautionary measure, we are requiring that all customers reset their passwords before logging in. If you use your previous Name.com password in other online systems, we also strongly recommend that you change your password in each of those systems as well.
Please click the link below to reset your password:
We take this matter very seriously. We’ve already implemented additional security measures and will continue to work diligently to protect the safety and security of your personal information.
We sincerely apologize for the inconvenience. If you need any additional assistance or have any questions please email email@example.com. We’ll continue to be as open and honest with you as possible as additional important information becomes available, so keep your eye out for a blog post or additional emails.
The Name.com Team
This kind of incidents happen and I think name.com already had good security measures and all to prevent a data leak, but I think they have made a huge mistake by providing a link to reset the passwords because this can be used by hackers again to impersonate name.com and phish peoples login’s by sending fraudulent emails. Whatever, change your passwords now by going directly to name.com if you are a customer.
Last 5 posts by Ruchira
- Slotomania Free Slot Games Review - February 24th, 2015
- The Role of Social Media and SEO - October 25th, 2013
- Google announces uProxy to overcome internet censorship - October 22nd, 2013
- Command line bandwidth monitors for Linux - October 21st, 2013
- Problem Kids: When You Know How To Spy On iPhone Remotely, You Worry Less And Focus Better! - August 19th, 2013