Data Breach at Web.com Affects 93,000 Customers
Web.com–a company that provides website and Facebook design, marketing, e-commerce, Web hosting and domain registration for small businesses–discovered a data breach on Thursday, August 13. They believe the attack had actually occurred five days earlier. The data of 93,000 of its 3.3 million customers appears to have been compromised.
The credit card numbers, names and addresses of those affected customers have been compromised, but the validation codes for the cards were not retrieved. However, some websites will accept payment via credit card without asking for the validation code, so Web.com is asking affected customers to monitor activity on their card.
The Jacksonville-based Web.com retains customer information for seven years and has notified both current and former clients who were affected. These customers received an email from Web.com on August 18 that notified them of the breach and explained that their credit card information had been compromised. The e-mail described the actions customers should take, including monitoring card transactions and checking their credit report. A hard copy of the letter will be delivered via snail mail, and the company has created a hotline at 877-218-2561 to address customer concerns and questions.
Web.com has supplied impacted customers with one free year of credit monitoring. In the meantime, customers who notice unauthorized charges should immediately contact their bank or credit card company.
Web.com notified the relevant law enforcement agencies, and a criminal investigation is ongoing.
On a FAQ page the company created specifically for this incident, they report they discovered “the unauthorized activity as part of [their] ongoing security monitoring.” As soon as it was found, they shut down the access, began conducting an investigation led by an IT security firm, and notified the relevant state and federal authorities. Web.com assures customers this issue has been resolved.
The company reports they routinely review and update their security protocols but explain, “cybercrime is a persistent threat in today’s world. Despite our best efforts, no business is immune.” After this attack, they are reviewing their security system and promise to invest in any new security processes that could prevent this sort of breach in the future.
If you are a Web.com customer and have not received notification, the company says you can assume that your credit card information was not compromised.
The company also owns Network Solutions and Register.com but assures users that these systems were not affected.