In the wake of the major Capital One data theft, the company appears to have registered a large swath of domain names related to the incident. From what I can see, it looks like the company, via its domain management firm MarkMonitor, began registering domain names on July 30th. My guess is the domain names are more defensive in nature, in order to keep them out of the hands of bad actors who could use them for phishing or other schemes.
The registration spree was first noted by Jamie Zoch in a tweet this morning:
Capital One registers at least 192 #domain names via MM in relation to the data breach. Nearly all of them are useless typos (cap/kap) (1/one) many “2019”. CapitalOneBreach(.)com appears to be a focus but that was registered at Google 2 days ago on Netherlands IP address.
— Jamie Zoch (@DotWeekly) July 31, 2019
Using DomainIQ, I was able to see some of the domain names that have been registered by Capital One. Here are 5 of them:
- Capital1Hacked.com
- CapitalOneCompromised.com
- CapitalOneAccountHacked.com
- BreachAtCapOne.com
- CapitalOneCreditCardBreach.com
Capital One may have started registering related domain names a bit later than they should have, although it is better to be late than to overlook this completely. It looks like third parties registered a few of the “better” domain names Capital One likely would have wanted to buy had they been available.
A separate domain name not owned by Capital One is CapitalOneLawsuit.com. That domain name was registered back in 2006. Capital One is the registrant of CapitalOneClassAction.com. I am sure there will be some legal ramifications for the company as a result of this situation.