back to article NetNames confirms easily.co.uk whacked by cyber crims

The UK’s number two website hosting business, Easily.co.uk, has confirmed to customers it has fallen prey to cyber crims. The NetNames-owned company, which hosts 100,000 sites including 65,000 in Britain, told punters yesterday IT systems were attacked by an “unknown third party”. “A forensic investigation by independent …

  1. Huw D
    FAIL

    "Told punters yesterday", did they?

    Still awaiting my communication from them, then.

    1. StephenD

      Re: "Told punters yesterday", did they?

      My communication arrived 1205 on Thursday.

    2. Snivelling Wretch

      Re: "Told punters yesterday", did they?

      I received an email yesterday which was basically the same as this article, although it also included the following:

      "However, none of the domain names that are registered to you were featured on the list that was accessed".

      So perhaps there is a different communication for people whose domains were on the list?

    3. Jusme
      Facepalm

      Re: "Told punters yesterday", did they?

      We got a mail "Easily Security Update" yesterday that went in the "could be a phishing attempt" pile as it was peppered with crap like "Click the “Forgotten Login/Password” [www.mmtrack43.co.uk] button". The only worrying aspect was that it was sent to the unique address used only for our Easily account - was it sent by the hackers to get the info they missed while they were in...?

      (WTF is mmtrack43.co.uk? Google for "mmtrack43.co.uk" brings up a lot of links about Blueleaf Plants. mmtrack.co.uk seems to be some sort of mailing manager, but nothing that gives any confidence it's legitimate).

      1. GreggS

        Re: "Told punters yesterday", did they?

        The legit one I got (as i still have one of my wife's domains with them) only contained links to the legit easily.co.uk site, but i iwas also one of the ones thay said didn't have my domain on the list that was accessed.

      2. VinceH

        Re: "Told punters yesterday", did they?

        "WTF is mmtrack43.co.uk? Google for "mmtrack43.co.uk" brings up a lot of links about Blueleaf Plants. mmtrack.co.uk seems to be some sort of mailing manager, but nothing that gives any confidence it's legitimate"

        According to Nominet's whois, it belongs to a company called IHM Ltd, who appear to be a web design company - so possibly registered on behalf of a customer. Perhaps the domain itself (or the hosting account for it) has been compromised if the links within the email led there.

    4. charliecharlie24

      Re: "Told punters yesterday", did they?

      Got ours at 16:05 on Thursday. It does state in the email that they are contacting domain owners that they believe have been affected first. So you may be one of the lucky ones that haven't had their details pilfered.

      1. Huw D

        Re: "Told punters yesterday", did they?

        Woo hoo. Maybe it's my lucky day. Perhaps I'll buy a lottery ticket

  2. batfastad

    NetNames

    ... Are rubbish.

    Anyone ever had the displeasure of using their Platinum Manager?

    And their pricing? Wow.

  3. scs
    FAIL

    Phishing

    Noticed an Apple phishing email from NetNames servers yesterday, this would explain it.

    S.

  4. Anonymous Coward
    Anonymous Coward

    Looks like it wasn't just Easily.. just got an email from SpeedNames (another subsidiary) about it..

    Security Update (11th December 2015)

    Dear Customer,

    I am writing to inform you that Speednames has been subjected to a targeted attack against our IT systems by an unknown third party. A forensic investigation by independent expertshas revealed that unauthorised access was gained to our internal systems. This included the placement of malware on those systems.

    We have taken action to isolate and remove the malware which was identified.

    The investigation revealed that a list of domain names registered on behalf of our customers was accessed. This information is already publicly available on the “WHOIS” database. We have found no evidence that your account details, passwords or any personal information which could identify you was accessed. However, as a precautionary measure, we recommend that you change the password which you use to log into speednames.uk

  5. John Sanders
    Holmes

    Getting the feeling

    That there is more to this story than meets the eye...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon