"Told punters yesterday", did they?
Still awaiting my communication from them, then.
The UK’s number two website hosting business, Easily.co.uk, has confirmed to customers it has fallen prey to cyber crims. The NetNames-owned company, which hosts 100,000 sites including 65,000 in Britain, told punters yesterday IT systems were attacked by an “unknown third party”. “A forensic investigation by independent …
I received an email yesterday which was basically the same as this article, although it also included the following:
"However, none of the domain names that are registered to you were featured on the list that was accessed".
So perhaps there is a different communication for people whose domains were on the list?
We got a mail "Easily Security Update" yesterday that went in the "could be a phishing attempt" pile as it was peppered with crap like "Click the “Forgotten Login/Password” [www.mmtrack43.co.uk] button". The only worrying aspect was that it was sent to the unique address used only for our Easily account - was it sent by the hackers to get the info they missed while they were in...?
(WTF is mmtrack43.co.uk? Google for "mmtrack43.co.uk" brings up a lot of links about Blueleaf Plants. mmtrack.co.uk seems to be some sort of mailing manager, but nothing that gives any confidence it's legitimate).
"WTF is mmtrack43.co.uk? Google for "mmtrack43.co.uk" brings up a lot of links about Blueleaf Plants. mmtrack.co.uk seems to be some sort of mailing manager, but nothing that gives any confidence it's legitimate"
According to Nominet's whois, it belongs to a company called IHM Ltd, who appear to be a web design company - so possibly registered on behalf of a customer. Perhaps the domain itself (or the hosting account for it) has been compromised if the links within the email led there.
Looks like it wasn't just Easily.. just got an email from SpeedNames (another subsidiary) about it..
Security Update (11th December 2015)
Dear Customer,
I am writing to inform you that Speednames has been subjected to a targeted attack against our IT systems by an unknown third party. A forensic investigation by independent experts has revealed that unauthorised access was gained to our internal systems. This included the placement of malware on those systems.
We have taken action to isolate and remove the malware which was identified.
The investigation revealed that a list of domain names registered on behalf of our customers was accessed. This information is already publicly available on the “WHOIS” database. We have found no evidence that your account details, passwords or any personal information which could identify you was accessed. However, as a precautionary measure, we recommend that you change the password which you use to log into speednames.uk