05|10|2013 01:59 am EDT
Wednesday DNN ran an article about a purported hack of several domain name registrars by HTP (Hack the Planet). While HTP claimed that the hosting company Linode.com was the intended target, the group also claimed they were able to hack in to Melbourne IT, Name.com, Moniker and Xinnet and provided “evidence” of this on their HTP5 zine in a file called registrar-data.txt .
Linode.com acknowledged the hack in a blog post.
Name.com recently discovered a security breach where customer account information including usernames, email addresses, and encrypted passwords and encrypted credit card account information may have been accessed by unauthorized individuals. It appears that the security breach was motivated by an attempt to gain information on a single, large commercial account at Name.com.
Moniker.com representatives sent DNN a statement today about the claims made by HTP. As we had mentioned in the earlier article, the information published (which we are not reprinting for obvious reasons) contained a handful of user names and passwords for administrative personnel with email addresses using @oversee.net. Moniker is no longer owned by Oversee and some of the employees on that list are no longer with Moniker or Oversee for that matter. The information seemed dated at best.
Moniker’s letter to DNN stated :
“In regards to the alleged attack, our investigation has revealed the following facts.
-The published file does not contain any access or information related to or about Moniker customers, their accounts or their domains.
-The information was also not accessed through the Moniker registrar platform.
-The information included in the file contained access to a discontinued standalone content only site intended for public viewing.
We take any security questions extremely seriously and felt it important to provide a detailed response.”
From what DNN saw in the HTP published files, there did not appear to be any customer user names or passwords from any of the registrars mentioned including Melbourne IT, Name.com, Moniker.com or Xinnet. (In other words, your log-in information isn’t published somewhere online for everyone to grab.) The published file seems to be more of a “look what we saw” snapshot.