News

Network Solutions hit by massive data breach

Warwick Ashford

Details of more than 570,000 credit card holders may have been stolen from users of over 4,000 US-based websites hosted by Network Solutions, the company has warned.

The web hosting firm said it found malicious code on servers supporting some of its e-commerce clients' websites.

Cybercriminals used a similar method to steal millions of credit card transition details from Heartland Payment Systems in 2008.

"The code may have captured transaction data from approximately 573,928 cardholders," Network Solutions said in a statement.

Forensic investigations revealed that the data breaches took place between 12 March and 8 June 2009.

"At this point we have no reports or other reasons to believe any credit card information has been misused," the company said.

The breach affects only US merchants, but demonstrates that all e-commerce firms must check the security of third-party service providers thoroughly.

Network Solutions has moved quickly to avert a public relations disaster by helping affected merchants notify their customers.

The web hosting firm has also used social networking tools to alert merchants and their customers and set up a website to keep merchants informed and updated.

A posting on the site emphasised that the data breach affected only Network Solutions' e-commerce customers.

"Customers of Network Solutions that have other products, such as domains, e-mail accounts, hosting and online marketing, were not impacted by this event," it said.

Network Solutions said it used the Radian6 tool to spread information and advice through Twitter Search, Google Alerts and Backtype.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy