Two big sites have their domains compromised — and both use the same domain name registrar.
Twitter and the New York Times have apparently had their domain names compromised, and the two companies have one thing in common: they both use MelbourneIT as their domain name registrar.
As of right now, the New York Times whois record reads:
Twitter’s whois record seems to be fine when I look it up on Melbourne IT. As the domain registrar for the domain, MelbourneIT’s whois is the most up-to-date.
However, the DNS was allegedly compromised earlier today. If that’s the case, it was quickly fixed.
There’s also chatter that Huffington Post’s UK site had its domain name compromised. I can’t confirm this immediately, but it also uses Melbourne IT for its domain registration.
It baffles me that large sites like this can be put into a position where their domain names can be altered. I sure hope both of these companies have been offered two factor authentication for their registrar account — and are using it.