Web.com Loses 93,000 Credit Card Numbers in Breach

Hosting provider Web.com said it was breached last week and hackers made off with payment card and personal data belonging to 93,000 customers.

Update Florida-based web hosting company Web.com on Tuesday announced that it had suffered a data breach and payment card and personal information belonging to 93,000 customers was accessed.

The company did not say in a statement or press release whether the stolen data was encrypted, nor how it was accessed. “All Web.com customer credit card numbers are encrypted,” company spokesperson John Herbkersman told Threatpost via email.

The breach was detected Aug. 13 and Web.com said it contacted law enforcement and a security consulting firm to assist with its investigation.

Web.com said it has more than 3.3 million customers and said that it is offering a year of credit monitoring to those affected by the breach; victims were yesterday sent an email from Web.com explaining next steps.

“The security of our customer information is a high priority for Web.com. Our goals are simple – to protect our clients from internet attacks and, in the event that an attack succeeds, to fix the problem immediately,” said David L. Brown, chairman, chief executive officer and president of Web.com, in a prepared statement.

Web.com said the vector by which the attackers were able to infiltrate one of its systems was immediately shut down. In addition to credit card numbers, Web.com said the hackers also accessed personal information including names and addresses attached to the payment cards. Card validation, or security codes, as well as Social Security numbers were not compromised, Web.com said.

“Web.com has very strong and sophisticated security measures in place to protect our computer systems and we regularly review and update our security protocols,” the company said in a FAQ published on its site. “Unfortunately, cybercrime is a persistent threat in today’s world. Despite our best efforts, no business is immune.”

Web.com provides an array of hosting services, as well as domain registration, website design, management, search engine optimization and other services.

This article was updated Aug. 21 with a comment from Web.com.

Suggested articles

Discussion

  • Howard Huntley Jr on

    My name is Howard Huntley I had an account with web.com and I think I was among the ones information was stole due to your breach
  • Perry on

    Has WEB.COM considered the possibility that some of its staff or employee may have been compromised, leading to an internal leakages? 93,000 Credit card information theft is a hard knock on the firm credibility.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.