Web.com has discovered an unauthorized breach of one of its computer systems that may have compromised the credit card information of approximately 93,000 customers.
An investigation indicates that the credit card information of approximately 93,000 of the company's over 3.3 million customers has been compromised, including the names and addresses attached to those credit cards. Importantly, the card validation codes were not compromised, and no other customer information was accessed.
The company provides internet solutions and marketing campaigns for small businesses. Web.com also owns numerous brands, including Network Solutions and Register.com. It said that it discovered the breach about five days after it happened, on August 13. The activity was caught by its security monitoring software.
“Web.com has very strong and sophisticated security measures in place to protect our computer systems and we regularly review and update our security protocols,” the company said in its FAQ on the incident. “Unfortunately, cybercrime is a persistent threat in today's world. Despite our best efforts, no business is immune.”
It’s working with an IT security firm to conduct an investigation, has reported the attack to credit card processors and the proper federal and state authorities, sent emails to affected customers and is in the process of sending the letters via the US Postal Service. It will also provide one-year of free credit monitoring for all customers who have been impacted by this incident.
It said that since its record retention policy generally requires it to retain customer data for seven years, even people that haven’t had an interaction with the company for that period of time could be affected.
Computer systems supporting Network Solutions and Register.com were not compromised. However, if a Network Solutions or Register.com customer purchased services from Web.com, their credit card information may have been compromised and, if so, they will receive notification directly from Web.com, the company said.