Network Solutions Hack Compromises 573,000 Credit, Debit Accounts

Hackers have broken into Web servers owned by domain registrar and hosting provider Network Solutions, planting rogue code that resulted in the compromise of more than 573,000 debit and credit card accounts over the past three months, Security Fix has learned.

Herndon, Va.-based Network Solutions discovered in early June that attackers had hacked into Web servers the company uses to provide e-commerce services -- a package that includes everything from Web hosting to payment processing -- to at least 4,343 customers, mostly mom-and-pop online stores. The malicious code left behind by the attackers allowed them to intercept personal and financial information for customers who purchased from those stores, Network Solutions spokeswoman Susan Wade said.

Wade said the company is working with federal law enforcement and a commercial data breach forensics team to determine the cause and source of the break-in. The payment data stolen was captured from transactions made between March 12, 2009 and June 8, 2009.

On Friday, Network Solutions began notifying affected customers by e-mail and postal mail. Due to the potential high cost of notifying individual victims, the hosting company is offering to handle the notification of affected customers of the breached online stores. Forty-five states and the District of Columbia have enacted laws requiring organizations to notify consumers when a data breach or loss jeopardizes the security of personal and financial data, but the rules for complying with those laws differ from state to state.

"We feel terribly about it to burden them with the notification process, which can be kind of tricky because there is no one federal data breach statute," Wade said.

Network Solutions also is offering to pay for 12 months of credit monitoring service through Trans Union for each consumer whose financial and personal data was compromised.

By Brian Krebs  |  July 24, 2009; 5:20 PM ET
Categories:  Latest Warnings , Web Fraud 2.0  | Tags: data breach, network solutions  


Find them - and give them all a 100 year prison term - with no chance of parole

Also take every single item that these slime buckets own - and all of their family's possessions as well

Posted by: hclark1 | July 24, 2009 6:40 PM | Report abuse

I love the Sci-Fi image of the "hacker" using a super-duper computer device to attempt every possible combination of USERID/Password in order to get admin rights. Or perhaps they knew the name of the beautiful administrator's favorite pet...or perhaps they just tried Password/Password. One never knows. It is also likely they had a bit of help from the INSIDE...

And of course - if and when the "hackers" get caught they will be immediately offered JOBS as anti-hackers (AKA "the good guys"). Especially since NO ONE can find ANY American computer scientists... and we HAVE TO keep hiring H1-B "Guest" workers to fill all those empty shoes (at a greatly reduced salary). And STILL I sit here unemployed...sigh!

Posted by: Sadler | July 24, 2009 6:58 PM | Report abuse

Another data compromise, another Christmas gift for the credit monitoring services.

Posted by: washpost18 | July 24, 2009 7:00 PM | Report abuse

Credit monitoring through TransUnion? Prepare to get hit up for lots of extra fees and charges. I've found them to be the worst of the three credit bureaus, by a long shot. It took a complaint letter to the FTC to get TU to give me the free copy of my credit report that I'm entitled to by law. For an example of TU's style of operation see "[TU] is Ordered to Stop Illegal Sales of Consumer Reports to Target Marketers". Maybe they don't charge NetSol much but expect them to make up the difference on you.

Posted by: hairguy01 | July 24, 2009 7:02 PM | Report abuse

Maybe it takes one of our congressmen or senators getting their information stolen and then actually having to deal with issues like having an important loan rejected for bad credit or having to convince a creditor they didn't make purchase X before there is any action on this.

Posted by: gonhkn | July 24, 2009 7:07 PM | Report abuse

@ hclark1 - Unfortunately, the hacker is abroad, probably in Russia. Good luck getting justice.


Posted by: FairlingtonBlade | July 24, 2009 7:29 PM | Report abuse

From the H1-B database:

4/23/2007 Network Solutions, LLC Herndon VA Engineer III 78000
4/23/2007 Network Solutions, LLC Herndon VA Engineer III 81000
4/10/2007 Network Solutions, LLC Herndon VA Siebel Engineer III 90000
3/15/2007 Network Solutions, LLC Herndon VA Senior Siebel Engineer IV 95000
4/16/2007 Network Solutions, LLC Herndon VA Engineer II 65000
7/10/2006 Network Solutions, LLC Herndon VA Quality Assurance Engineer 72616
9/12/2006 Network Solutions, LLC Herndon VA Quality Assurance Engineer 87000
5/5/2006 Network Solutions, LLC Herndon VA Quality Assurance Engineer 69400

$65 to $95K right next to Dulles! WOW!

Posted by: Sadler | July 24, 2009 7:37 PM | Report abuse

Another great scoop! Will NS ever publish a list of affected businesses?

Posted by: Russ_Walker | July 24, 2009 7:48 PM | Report abuse

At least NS is offering credit monitoring to individual victims unlike Heartland. I use TransUnion's (TrueCredit) credit monitoring, and I like their service.

Posted by: kmeiko03 | July 24, 2009 8:02 PM | Report abuse

I bet it was an inside job.

Posted by: magnifco1000 | July 24, 2009 8:18 PM | Report abuse

"From the H1-B database:
4/23/2007 Network Solutions, LLC Herndon VA Engineer III 78000
4/23/2007 Network Solutions, LLC Herndon VA Engineer III 81000"

What does the list purport to show?

It certainly doesn't show H1-B guys "filling all those empty shoes (at a greatly reduced salary)" - I am missing something.

Or do you imply that salaries ranging from 65k to 95k are quite low?

Posted by: pKrishna43 | July 24, 2009 8:24 PM | Report abuse

kmeiko03, fyi googling on "TransUnion complaints" returns 1.41 million hits. YMMV.

Posted by: hairguy01 | July 24, 2009 8:46 PM | Report abuse

"We feel terribly about it to burden them with the notification process, which can be kind of tricky because there is no one federal data breach statute," Wade said.


Burden them with the notification process? No one federal data breach statute?

Is this spokesperson a potted plant?

Everyone would want to know asap if their credit card was ripped off, AND federal law doesn't get in the way of NS doing this much!

Posted by: JamesSCameron | July 24, 2009 9:05 PM | Report abuse

Posted by: pKrishna43 "...Or do you imply that salaries ranging from 65k to 95k are quite low?"
I'm NOT implying...I was making 105K (excluding bonus) in 2003 - and didn't live anywhere near DC. If the H1-B workers realized how badly they are getting screwed they would start doing some very bad attempting to destroy 4,000 Fannie Mae servers...

The H1-B program was specifically started to SUPPRESS wages...not just be nice to a bunch of workers from other countries - DUH! Try reading up...

Posted by: Sadler | July 24, 2009 11:20 PM | Report abuse

hairguy01, I'm sure if you also googled the other credit reporting companies and other businesses that sell credit monitoring services, that you'd find the same results. I've used several of them and they're all pretty much the same. All I'm saying is that at least NS offered something to their affected individuals unlike some other companies out there.

Posted by: kmeiko03 | July 25, 2009 12:34 AM | Report abuse

They are offering to pay for 12 months of credit monitoring service? Why don't they give the consumer the option to pay for 12 months of domain registration instead of credit monitoring?
What if I already have credit monitoring through 3 services because of the 5 previous breaches that affected me?
Hell, at this rate, if the credit monitoring isn't concurrent, I probably have it until 2015.

Posted by: mkevhill21 | July 25, 2009 12:06 PM | Report abuse

kmeiko03, and what I'm saying is that the quality of what's being offered seems dubious to me. Was TransUnion perhaps the low bidder to NetSol? You say you had a good experience with TU. I notice though that you were paying them for it. Try getting from them something you are entitled to free of charge by law, your credit report once a year. I had to write the FTC to get them to force TU to give it to me. Or read some of the horror stories in the first few pages of that google search. I did; it's frightening. I've dealt with the other two credit bureaus also and it was nothing like dealing with TU. My TU report also had the most mistakes of the three bureaus.

Posted by: hairguy01 | July 25, 2009 12:15 PM | Report abuse

I retweeted a link to this article and within 3 minutes I was contacted by someone from Network Solutions.
There was no mention of contacting customers. Instead their response is

"At this point, we have no reports or other reasons to believe that any credit card account information has been misused. Under established practice, credit card issuing companies generally will not hold our merchants’ customers liable for any fraudulent purchases made using their credit card account numbers that are reported in a timely manner to the issuer."

WTF? So they're saying you don't have to worry because your credit card company won't charge as long as you notice the incorrect charges and report them?

Thanks for bringing this to our attention Brian.


Posted by: BillPytlovany | July 25, 2009 11:32 PM | Report abuse

I don't believe this was an inside job. The new hacker is much more sophisticated using methods to get on networks, then gleaning information to remote systems to command and control such attacks. There are no standards, which the reasoning is it will cost businesses. If the only thing NS will lose is offering credit reports, there is no impetus for change.

Posted by: srchasjc | July 26, 2009 1:50 PM | Report abuse

Responding to BillPytlovany's comment: Bill, we've made both the credit card companies and the credit card payment processing companies aware of this incident. In some cases, when credit card companies see signals of fraudulent activity they reach out to companies. At this point, we have not received any reports. As a precaution, we urge people to review their credit card statements on a regular basis and let their CC company know if they see something that looks suspicious. Affected merchants also may have an obligation in certain states where their customers reside to notify impacted customers about this situation. We're working with our affected merchants to help them with the notification process. More info is at -Susan Wade, Network Solutions

Posted by: SWade1 | July 26, 2009 5:23 PM | Report abuse

Read comments of 'bredkobyly' to the following youtube video:

Posted by: madspirit | July 27, 2009 4:33 AM | Report abuse

When did NSI appoint its first Chief Privacy Officer? Oh, that's right. It hasn't yet. Privacy is one of the collateral duties of the General Counsel.

Posted by: ConcernedCPO | July 27, 2009 1:40 PM | Report abuse

Whoever said it above is likely right, the hacker is probably from Russia and free from the short arm of the law in this area. Heck, we can't even have a uniform credit breach reporting act. When is our Federal Gov't going to get on board? When is Interpol or some international organization going to get some teeth?

Posted by: peterpallesen | July 27, 2009 2:59 PM | Report abuse

I decided to do you guys a favor by sharing the following information. A massive irreparable security breach in the Staples retail store system is about to be exploited. My advice to anyone reading this - do not shop at Staples stores this "Back to School" season.

Posted by: madspirit | July 28, 2009 11:48 PM | Report abuse

The comments to this entry are closed.


© 2010 The Washington Post Company