Last week, I wrote about a security incident at Network Solutions, Register.com, and Web.com that was announced by these registrars. All three of these domain registrars owned and operated by Web.com. By chance, when I was logging in to my Register.com account, I discovered the security alert that appeared to be quietly published by the registrars. I had not received an email about the incident, nor did I see any mention of it on social media. At the time I published my article, I was told the registrars were in the process of notifying customers about the alert via email.
Several days later, I just received an email from Network Solutions, where I have an account because of my NameJet account. I have not yet received an email about the incident from Register.com.
The email I received is posted below. In my opinion, the email should have been sent to all customers much sooner. While it does not appear that account passwords or credit card numbers were taken, other information that was reportedly taken could impact customers.
Here’s the security email that I received from Network Solutions:
Important Security Information
November 5, 2019What Happened?
On October 16, 2019, Network Solutions determined that a third-party gained unauthorized access to a limited number of our computer systems in late August 2019, and as a result, account information may have been accessed. No credit card data was compromised as a result of this incident.Upon discovery of this unauthorized access, the company immediately began working with an independent cybersecurity firm to conduct a comprehensive investigation to determine the scope of the incident, including the specific data impacted. We have also reported the intrusion to federal authorities and are notifying affected customers.
Safeguarding our customers’ information is core to our mission. We are committed to protecting our customers against misuse of their information and have invested heavily in cybersecurity. We will continue to do so as we incorporate the key learnings of this incident to further strengthen our cyber defenses.
What Information Was Involved?
Our investigation indicates that account information for current and former Network Solutions customers may have been accessed. This information includes contact details such as name, address, phone numbers, email address and information about the services that we offer to a given account holder. We encrypt credit card numbers and no credit card data was compromised as a result of this incident.What Are We Doing?
Upon discovery, Network Solutions took immediate steps to stop the intrusion. We promptly engaged a leading independent cybersecurity firm to investigate and determine the scope of the incident. We notified the proper authorities and began working with federal law enforcement.We are notifying affected customers through email and via our website, and as an additional precaution are requiring all users to reset their account passwords.
What You Can Do
We have taken additional steps to secure your account, and you will be required to reset your password the next time you log in to your Network Solutions account. As with any online service or platform, it is also good security practice to change your password often and use a unique password for each service.For More Information
For more information visit notice.networksolutions.com or call 1-866-906-0477 or for international, call +1-570-708-8785.
Wow, this in interesting. It would definitely make me uneasy that didn’t notify all of their users sooner and have them change their passwords. Recommend two factor!