Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Sydney based domain trader Netfleet has been hacked and warned customers that their personal details and encrypted credit cards may have been compromised.
Netfleet bills itself as Australia's largest and most active domain name trading website operated by “a small team of developers and domain enthusiasts”.
It admitted that hackers may have stolen customers' name, email and street addresses, phone numbers and encrypted credit card numbers with expiry dates.
“Whilst we believe no sensitive data such as credit card information was accessed by the intruder, there is a possibility that this is indeed the case and as such we felt it our duty to inform you,” the company wrote in an email today.
“Since learning of the intrusion, we have taken the affected systems offline and are taking steps to address the vulnerability that led to this incident.”
The company is cooperating with the Australian Federal Police and the Computer Emergency Response Team (CERT) Australia to “undergo an exhaustive investigation in this matter”.
Netfleet's website has remained offline today with a message noting “technical difficulties”.
The email stated customers do not need to take action at the time the email was issued.
“I would like to stress that we are erring on the side of caution and, there is no need to be unduly alarmed as it is in fact only a very remote possibility that your details have been accessed."
"Since learning of the intrusion, we have taken the affected systems offline and are taking steps to address the vulnerability that led to this incident."
The notice said the company did not store CVV digits, in accordance with PCI DSS requirements.
According to the Netfleet website, the company was formed after au Domain Administration (auDA) changed its rules in 2008 to allow registered Australian domains to be re-sold.
Netfleet operates in a partnership with Netregistry and boasts to sell “exclusively the top level .AU domain extension”.
A Netregistry operator said it was unaffected by the breach.
Copyright © SC Magazine, Australia
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.