Just under two weeks ago, the folks at Web.com group announced they had an incident and that their systems had been compromised. Reading through their release, they make the following assertions:
- No credit card data was compromised as a result of this incident.
- Contact details such as “name, address, phone numbers, email addresses and information about the services offered to a given account holder”
Now, while it appears they believe that customer passwords were not disclosed, they are having everyone reset their passwords as a precaution, just in case.
We’ve had a few clients reach out asking about this breach in particular, as they’ve received an email but are confused as they don’t remember having done business with ‘web.com’ in the past.
Web.com also owns the following other companies you may have had a relationship with in the past:
- Network Solutions
So, given the popularity of Network Solutions and Register.com as domain registration providers in the past, odds are you’ve received the email regarding an account under one of those two names instead of ‘web.com’. Unfortunately, in a couple of conversations, we’ve discovered clients who had an old, no longer maintained email address connected to a domain registration with Network Solutions, and so they never received an email regarding the situation at all.
Our suggestion is that if you have an account with any Web.com group entity, including Network Solutions and Register.com, and have not already done so, to change any passwords you have there at once.
And if you are still practicing poor password hygiene by using the same password for multiple services/accounts, we’d recommend changing your password at any site that used the same one as well. If the actor who snagged the data from web.com does manage to decode passwords, someone will certainly begin trying to utilize those email/password combinations at other popular sites.