Latest news of the domain name industry

Recent Posts

Hackers stole data from Verisign, Blacknight

Kevin Murphy, February 2, 2012, 14:25:13 (UTC), Domain Registries

Hackers broke into Verisign’s corporate network and made out with sensitive data, it emerged today.
The attacks happened in 2010 and the company does not believe its all-important domain name infrastructure – which supports .com and several other top-level domains – was compromised.
Reuters broke the news today, but the attack was actually revealed in a Securities and Exchange Commission filing last October. The filing said:

In 2010, the Company faced several successful attacks against its corporate network in which access was gained to information on a small portion of our computers and servers. We have investigated and do not believe these attacks breached the servers that support our Domain Name System (“DNS”) network. Information stored on the compromised corporate systems was exfiltrated.

The filing, which was required under recent SEC disclosure rules, goes on to say that the attacks were “not sufficiently reported to the Company’s management” until September 2011.
It adds that Verisign does not know whether the “exfilitrated” – ie, stolen – data was used by the attackers. The filing does not say what was taken.
Back in 2010, Verisign was still a security company. It did not sell off its SSL business to Symantec until August that year. The filing does not say whether SSL data was breached.
As one of the logical single points of failure on the internet, Verisign is of course the subject of regular attacks, mainly of the performance-degrading distributed denial of service variety.
The bigger worry, as Reuters rather breathlessly notes, is that if hackers could compromise the integrity of the DNS root or .com/.net zones, it could lead to mayhem.
In unrelated news, the domain name registrar Blacknight today revealed that it got hacked on Tuesday.
The attackers may have got away with contact information – including email addresses and telephone numbers – for up to 40,000 customers, the company said.
Financial information such as credit card numbers was not compromised, Blacknight said.
The company has contacted Irish data protection regulators and will also inform the police. Customers are advised to change their passwords.
If you’re a Blacknight customer you’ll also want to be on the lookout for “spear-phishing” attacks in the near future. When the bad guys know your name, it can lead to a more convincing phish.

Tagged: , , ,

Comments (1)

  1. Steve Jones says:

    Hopefully at least with all these hacking attacks, more and more sites with highly sensitive information are realizing they need to have sufficient security. Some of the hacking that has happened wouldn’t have happened if not for sloppy security.

Add Your Comment