Extent of breach is unknown but the site did not store credit card details.
Domaining.com has been compromised.
Francois Carrillo, who operates the domain blog aggregator, posted on Twitter today that he has closed login functionality while he investigates:
Urgent: https://t.co/yvF1mB9mIF has been apparently compromised, login has been closed. We were not story any CC data but change your password in other services if you were using the same. More info later, sorry.
— Domaining.com (@DomainingCom) November 3, 2021
It’s good to hear that the site didn’t store any credit card information.
Few people use Domaining.com’s login functionality, so the breach shouldn’t impact too many people. Accounts are only required for people who want to customize what they see, boost/sponsor posts, and bloggers who manage their content.
Anyone who has a registered account and reuses passwords at other sites should change their passwords at those sites.
Francois says
Thanks Andrew for sharing the security alert.
Now that login has been closed, my priority is to contact all our members about the breach, to ensure they change their passwords on others services if they are using the same or a similar one.
So I will make a point about the breach later.