The credit card details of 93,000 Web.com customers have been stolen by hackers.
The name, address and credit card number of the affected customers were accessed. The verification numbers (from the back of the cards) were not stolen.
Web.com said the attack was discovered August 13 and has been reported to the proper authorities.
Network Solutions and Register.com, its leading registrar businesses, were not affected, the company said.
It has 3.3 million customers. Those whose details were stolen have been emailed and will receive a letter in the mail.
The company said it will provide affected customers with a year of free credit monitoring.
OpenTLD has fired off its newest salvo in its ongoing cybersquatting dispute with ICANN, saying the ICANN-imposed suspension would “devastate” its business.
The company has also addressed many of ICANN’s cybersquatting allegations, while failing to deny it squatted on two competitors’ trademarks.
In its latest arbitration filing (pdf), OpenTLD said: “Quite simply, the suspension of OpenTLD’s ability to offer gTLD registrations and inbound transfers would decimate its unique business model.”
ICANN had argued that the suspension of its registrar accreditation was no big deal because its gTLD domain base is measured in the low thousands, whereas the total domains under management of parent Freenom, which offers free domains in .tk and other ccTLDS, is in excess of 25 million.
But OpenTLD said the two businesses as “deeply intertwined” and separating the two would impair its ability to do business.
ICANN is pushing for the suspension because OpenTLD lost two UDRP cases earlier this year. Both were filed by competitors — Key-Systems and NetEarth — who accused the registrar of attempting to lure resellers to its platform by infringing rivals’ trademarks.
ICANN has since followed up by accusing OpenTLD of continuing to cybersquat famous brands, including Google and Facebook, even after the suspension notice was issued. These claims, as I noted last week, are very dubious, however.
In its latest filing, OpenTLD denies that any of those domains — all of which use its privacy service — were registered by itself. It goes so far as to name the actual registrants.
But it fails to deny that it was the true registrant of the Key-Systems and NetEarth domains lost in the UDRP cases.
Rather, it focuses on ICANN’s claims that it committed “cyberflight” by deleting the UDRP’d domains rather than allowing them to be transferred to the trademark owners.
It admits that the domains were deleted but said this was “inadvertent” and that it attempted to transfer them to its competitors later.
OpenTLD wants the threatened suspension stayed.
The case continues. A decision by the arbitration panel is expected August 24.
ICANN has accused OpenTLD, the registrar arm of Freenom, of cybersquatting famous brands even after it was threatened with suspension.
The claims may be worrying for some registrars as ICANN may in fact be holding the registrar responsible for the actions of its proxy service customers.
OpenTLD was suspended by ICANN in early July, after two UDRP rulings found the company had cybersquatted rival registrars’ brands in order to poach customers.
The suspension was lifted after just a few hours when OpenTLD took ICANN to arbitration under the terms of its Registrar Accreditation Agreement.
In ICANN’s latest arbitration filing, the organization’s lawyers argue that the suspension should not be stayed, because OpenTLD has been shown to engage in a pattern of cybersquatting.
Like the original suspension notice, the filing cites the two UDRP losses, along with footnotes indicating that as many as seven competing brands had been cybersquatted.
But ICANN has now also escalated its allegations to bring in non-registrar brands where it’s far from clear that OpenTLD is the actual registrant.
ICANN’s filing states:
even a brief review of the domain names in OpenTLD’s portfolio demonstrates that OpenTLD appears to be continuing to engage in bad faith and abusive registration practices. As of 3 August 2015, there were at least 73 gTLD domains registered to Stichting OpenTLD WHOIS Proxy (which is OpenTLD’s proxy service) that are identical to or contain the registered trademarks or trade names of third parties, including, by way of small example, the domain names barnesandnoble.link, sephora.bargains, at-facebook.com, ebaybh.com, googlefreeporn.com, global-paypal.com, hotmailtechnicalsupport.com, and secure-apple.com. ICANN is not aware of any legitimate interest or right that OpenTLD has to use these third-party trademarks and trade names.
Even more concerning is the fact that at least 14 gTLD domain names that contain the registered trademarks or trade names of third parties were registered by OpenTLD’s proxy service after the 23 June 2015 Suspension Notice was issued to OpenTLD, further demonstrating that OpenTLD’s overtures of “cooperation” ring hollow.
To be clear, that’s ICANN accusing OpenTLD of cybersquatting because some of the domains registered via its privacy service appear to be trademark infringements.
It’s basically equating infringing use of OpenTLD’s proxy service (such the registration of barnesandnoble.link) with the infringing behavior of OpenTLD itself (such as the registration of godaddy.cf, a February 2015 screenshot of which can be seen below.)
This may just be legal posturing, but I imagine many other registrars would be worried to know that they could have their accreditation suspended for cybersquatting simply because some of their privacy customers are cybersquatters.
I’d wager that every proxy/privacy service available has been used by blatant cybersquatters at one time or another.
Filings in the arbitration case can be found here.
“Cybersquatting” registrar OpenTLD, part of the Freenom group, has had its accreditation un-suspended by ICANN while the two parties slug it out in arbitration.
Filed three weeks ago by OpenTLD, it’s the first complaint to head to arbitration about under the 2013 Registrar Accreditation Agreement.
ICANN suspended the registrar for 90 days in late June, claiming that it “engaged in a pattern and practice of trafficking in or use of domain names identical or confusingly similar to a trademark or service mark of a third party”.
But OpenTLD filed its arbitration claim day before the suspension was due to come in to effect, demanding a stay.
ICANN — voluntarily, it seems — put the suspension on hold pending the outcome of the case.
The suspension came about due to OpenTLD being found guilty of cybersquatting its competitors in two UDRP cases.
In both cases, the UDRP panel found that the company had cybersquatted the trademarks of rival registrars in an attempt to entice their resellers over to its platform.
But OpenTLD claims that ICANN rushed to suspend it without giving it a chance to put forward its side of the story and without informing it of the breach.
It further claims that the suspension is “disproportionate and unprecedented” and that the public interest would not be served for the suspension to be upheld.
This is not an Independent Review Process proceeding, so things are expected to move forward relatively quickly.
The arbitration panel expects to hear arguments by phone August 14 and rule one way or the other by August 24.
Read the OpenTLD complaint here.
Chinese registrar name2host.com has had its accreditation terminated by ICANN for failing to comply with an audit.
According to the compliance notice (pdf), ICANN has been chasing the company since March but has encountered only disconnected phones and unanswered emails.
It seems name2host.com’s principals were all using Hotmail or Yahoo email accounts; not exactly the kind of thing you want to see from a domain name registrar.
The registrar had fewer than 5,000 gTLD domains on its books in March, all in .com and .net.
ICANN will initiate a bulk transfer to a new registrar using its usual process.