Attackers have breached Web.com and two top domain name registrars that it owns, NetworkSolutions.com and Register.com, according to Krebs on Security. Web.com issued a security notice advising customers that they will be forced to reset their passwords the next time they log on. Such breaches are particularly worrying, because domain name registrar customers are website owners, and around 8.7 million of them are registered with those companies, according to Krebs.
Web.com said that “a third-party gained unauthorized access to a limited number of its computer systems in late August 2019, and as a result, account information may have been accessed,” adding that “no credit card data was compromised as a result of that incident.”
However, it determined that contact details like “name, address, phone numbers, email address and information about the services that we offer to a given account holder” were exposed. While Web.com asked customers to reset their passwords, it said that “we encrypt account passwords and do not believe this information is vulnerable as a specific result of this incident.”
Such a hack might seem relatively minor, but domain name registrars sell website names like Engadget.com and assign them IP addresses. As such, they’re an essential cog in the internet: if an attacker succeeds in changing a domain name’s settings at the registrar, they can take control of an entire website.
For instance, hackers once compromised the domain name registrar of a Brazilian bank and redirected users to lookalike sites that stole their credentials and installed malware. “If your DNS is under the control of cybercriminals, you’re basically screwed,” Kaspersky’s Dmitry Bestuzhev told Wired about the incident.