NameDrive Breached, Less Than 1% of Accounts Affected

Wednesday, February 4th, 2009

Breach exposes e-mails and passwords.

E-mail addresses and passwords for a limited number of NameDrive customers were obtained and posted in a hacker forum this month. The security breach just came to light today. NameDrive has responded by instituting new security measures including password resets:

We were alerted of a possible security breach affecting less than 1% of our accounts, although we have no indication that any unauthorized access was gained, we have reacted forcefully to ensure absolute security for your account.

If you have any concerns, please feel free to contact us at info@namedrive.com

NameDrive was quick to act after being informed of the breach.

It is unlikely that the intent of the hackers was to login to NameDrive accounts, but more likely used to check free e-mail accounts that may have used the same password as the NameDrive accounts. However, the information could have been used to access NameDrive and get information such as tax ids.

A compromised e-mail account can be used for a number of malicious reasons, but I am unaware of any incidents linked to this. NameDrive customers should consider changing passwords at other sites if they use the same password across multiple web sites.

This is the second security breach to hit the domain community over the past month. Last month limited information from 1,000 accounts at GoDaddy was compromised.

http://domainnamewire.com/2009/01/19/go-daddy-thwarts-cyber-criminal-1000-accounts-locked/

  • Digg
  • Facebook
  • Reddit
  • StumbleUpon
  • Twitter
  • Yahoo! Buzz

Related posts:

  1. The Weakest Security Link is You
  2. Security Software Every Domain Owner Should Use
  3. Go Daddy Thwarts Cyber Criminal, 1,000 Accounts Locked

Tags: ,

7 Comments » - Posted in Domain Parking by Andrew Allemann

Comments

  1. Identity Theft Blog from www.insideIDtheft.info » Blog Archive » NameDrive Breached
    February 4th, 2009 | 7:35 pm

    [...] See the full story at DomainNameWire.com. [...]

  2. Domainer
    February 4th, 2009 | 10:13 pm

    If a U.S. business lets confidential data released due to their negligence, they are
    liable for damages.

    What about these companies?

  3. Security Alert from Sedo
    February 5th, 2009 | 7:33 am

    [...] are referring to NameDrive, which, as Domain Name Wire reported yesterday, had less than 1% of their client accounts hacked [...]

  4. Kia Foster
    February 5th, 2009 | 8:56 am

    Not happy at all. NameDrive should have been
    much more upfront than they were. Also GoDaddy were not upfront. These companies are much much too lax.

  5. Matt
    February 5th, 2009 | 11:45 pm

    First off, why did NameDrive store passwords in plain-text.

    The hackers could’ve stole the information, but if the passwords were AT LEAST encrypted, they would have a harder time.

    If they were hashed, the data would’ve been at least worthless. But stored in plain text? Wow.

  6. Domain Name Wire » News » Security Software Every Domain Owner Should Use - The Domain Industry's News Source
    February 11th, 2009 | 9:02 am

    [...] security breach was discovered last week at domain name parking company NameDrive . After discovering that many [...]

  7. Peter Moulton
    May 25th, 2009 | 8:50 am

    Godaddy.com was hacked and domains from one account are moved to another account. On Friday May 22, 2009 I got a message that there were changes to my account with nine domains of clients. I immediately responded telling Godaddy.com that I had not made any changes. After hours on the phone and messages back and forth it is four day later and they still have not restored the domains.

Leave a reply


TOP