Data breach at Domaineshop – tens of thousands of passwords lost
All customers must change their password by 20 October.
Domaineshop sells online domains. According to VG is the e-mail address of users, username, encrypted password and description of the user on the way.
– Even if all passwords are encrypted, it can only be a matter of time before they can be compromised. We strongly apologize for this failure in our security and the inconvenience it causes our customers and their users, the company writes in an operating statement Monday.
It was on Monday that the company received the first notifications that something was wrong. This is what the chairman of the company Dag Øien tells Aftenposten. The data breach occurred on the night of Monday 17 October.
– We now encourage all our customers to change their passwords, says Øien.
All customers must change their passwords by 20 October, the company states in its operational announcement.
He says that several hundred thousand passwords may have been compromised. Domainshop over 100,000 customers and 600,000 domains, the company states on its website. Last year, the company had a market share of over 40 per cent.
Customers include private individuals, companies and the public sector.
But only customers who use Domaineshop as an e-mail provider are affected. The island estimates that this applies to around 10 to 30 percent of the domains.
The island’s help at the event comes as a result of a specific attack. Security measures have been introduced to ensure that this does not happen again. The company is in contact with the authorities about the matter.
The island says they do not know who was behind the attack.