Saturday, 20 August 2022
Meet the JournalistsPremiumAucklandWellingtonCanterbury/South Island
CrimePoliticsHealthEducationEnvironment and ClimateNZ Herald FocusData journalismKāhu, Māori ContentPropertyWeather
Small BusinessOpinionPersonal FinanceEconomyBusiness TravelCapital Markets
Politics
Premium SportRugbyCricketRacingNetballBoxingLeagueFootballSuper RugbyAthleticsBasketballMotorsportTennisCyclingGolfAmerican SportsHockeyUFC
NZH Local FocusThe Northern AdvocateThe Northland AgeThe AucklanderWaikato HeraldBay of Plenty TimesHawke's Bay TodayRotorua Daily PostWhanganui ChronicleStratford PressManawatu GuardianKapiti NewsHorowhenua ChronicleTe Awamutu Courier
Covid-19
Te Rito
Te Rito
OneRoof PropertyCommercial Property
Open JusticeVideoPodcastsTechnologyWorldOpinion
SpyTVMoviesBooksMusicCultureSideswipeCompetitions
Fashion & BeautyFood & DrinkRoyalsRelationshipsWellbeingPets & AnimalsVivaCanvasEat WellCompetitionsRestaurants & Menus
New Zealand TravelAustralia TravelInternational Travel
Our Green FutureRuralOneRoof Property
Career AdviceCorporate News
Driven MotoringPhotos
SudokuCodecrackerCrosswordsWordsearchDaily quizzes
Classifieds
KaitaiaWhangareiDargavilleAucklandThamesTaurangaHamiltonWhakataneRotoruaTokoroaTe KuitiTaumarunuiTaupoGisborneNew PlymouthNapierHastingsDannevirkeWhanganuiPalmerston NorthLevinParaparaumuMastertonWellingtonMotuekaNelsonBlenheimWestportReeftonKaikouraGreymouthHokitikaChristchurchAshburtonTimaruWanakaOamaruQueenstownDunedinGoreInvercargill
NZ HeraldThe Northern AdvocateThe Northland AgeThe AucklanderWaikato HeraldBay Of Plenty TimesRotorua Daily PostHawke's Bay TodayWhanganui ChronicleThe Stratford PressManawatu GuardianKapiti NewsHorowhenua ChronicleTe Awamutu CourierVivaEat WellOneRoofDriven MotoringThe CountryPhoto SalesNZ Herald InsightsWatchMeGrabOneiHeart RadioRestaurant Hub

Advertisement

Advertise with NZME.
Business

Millions of accounts - including Kiwis' - compromised in huge internet registry breach; tips to keep safe

3 Nov, 2019 08:42 PM4 minutes to read
CEO of Aura Information Security, Andy Prow, speaks on the growth of cyber-attacks and the industry trying to prevent them. Video / Supplied

CEO of Aura Information Security, Andy Prow, speaks on the growth of cyber-attacks and the industry trying to prevent them. Video / Supplied

Chris Keall
By
Chris Keall

Chris Keall is the technology editor and a senior business writer for the NZ Herald

VIEW PROFILE

Register.com - one of the world's largest internet registrars - is warning people to change their password and monitor their credit card account for suspicious activity following a massive security breach.

A registrar is a company that sells and manages domains, or website addresses.

Register.com is popular with Kiwis - and millions of others worldwide - who want to get a ".com" address.

An email to Register.com customers sent this morning NZT, says the company learned on October 16 that "a third-party gained unauthorized access" in late August.

Advertisement

Advertise with NZME.

It wasn't immediately clear why it took until October 30 to notify customers, with some not emailed until this morning.

READ MORE:
• PwC Herald Talks: Security expert's tricks for better cyber safety
• NZ's top five internet fears - and a killer security tip

Register.com's email said the breach did not include credit card details but did include "information for current and former Register.com customers may have been accessed. This information includes contact details such as name, address, phone numbers [and] email addresses."

It was fuzzy on whether passwords were taken. A spokesperson told media, "We encrypt account passwords and do not believe this information is vulnerable as a specific result of this incident." The password resets were just an "added precautionary measure," according to the spokesperson.

Image / 123rf
Image / 123rf

The August breach involved both Register.com and its sister company Network Solutions - both of which are owned by Web.com.

Krebs on Security reported Web.com wasn't clear how long the intrusion lasted, but if the breach wasn't detected until mid-October that means the intruders potentially had about six weeks inside unnoticed. That's a long time for an adversary to wander about one's network, and plenty of time to steal a great deal more information than just names, addresses and phone numbers.

Related articles

Business

Revealed: NZ's top five internet fears

30 Jan 08:15 PM
Business

Security expert's password tricks to prevent being hacked

05 Apr 01:03 AM
Business

Australia proposes face scans for porn, online gambling

31 Oct 04:52 AM
Business

Telcos block access to Chch shooter game - but say they're reluctant cops and govt needs to act

01 Nov 02:07 AM

Both Network Solutions and Register.com are owned by Web.com. Network Solutions is now the world's fifth-largest domain name registrar, with almost seven million domains in its stable, according to domainstate.com; Register.com listed at 17 with 1.7 million domains.

Web.com said it has reported the incident to law enforcement and hired an outside security firm to investigate further.

Advertisement

Advertise with NZME.

Tips to keep safe

As ever, it's a good idea to use a different password for every website you access.

Earlier, Vodafone security expert Colin James said a password manager or "vault" can help - that's a bit of software that remembers and autofills all your logons. All you have to remember is one master password.

Another security expert, Ben Creet, added that if you use a relatively new computer, its operating system will protect you against viruses and malware. So if you only have a limited budget, spend it on a password manager like LastPass.

But while a password manager can work seamlessly on a PC, they can come unstuck in today's gadget-heavy world where we're often logging on a service via a phone, tablet or even watch.

Luckily, James has a couple of tricks. One will make your passwords safer, the other will make you a lot more secure.

One is to stop thinking "passwords" and start thinking "passphrases," the Vodafone expert says.

Advertisement

Advertise with NZME.

He suggests using a line from your favourite song as your passphrase. It'll be easy for you to remember, but impossible for hacker bots to guess.

His other trick: use "two-factor authentication" or "2FA" in IT-speak. That means you don't just type in a password. You also have to enter a second "factor" - mostly commonly a numerical code texted to your cellphone.

2FA can be a hassle, but many services have an option to only enable for devices outside your home or office.

James says if your device supports fingerprint or facial scan logon, that can be considered a second factor, too - because it requires you to be physically present.

Advertisement

Advertise with NZME.

Latest from Business

Premium
Business

Tompkins Wake sets new frontier for diversity

20 Aug 12:00 AM
Premium
Business

Mike Munro: Rocky road to reach next Government

19 Aug 11:00 PM
Business

Shamubeel Eaqub on 'stupid' inflation debate and how he'd fix poverty

19 Aug 06:03 PM
Premium
Business

Steven Joyce: School shake-up needed for the sake of our kids

19 Aug 06:02 PM
Premium
Business

Insider-trading accused distances himself from Eric Watson

19 Aug 05:00 PM

Most Popular

Firefighters save man trapped on car roof in raging torrent
New Zealand

Firefighters save man trapped on car roof in raging torrent

19 Aug 09:35 PM
Live: 'Unbelievable' wild weather - more homes evacuated overnight
New Zealand

Live: 'Unbelievable' wild weather - more homes evacuated overnight

19 Aug 07:25 PM
Wiggles in NZ: Wiggles star reveals life changing hospital encounter
Entertainment

Wiggles in NZ: Wiggles star reveals life changing hospital encounter

19 Aug 06:03 PM

Advertisement

Advertise with NZME.
About NZMEHelp & SupportContact UsSubscribe to NZ HeraldHouse Rules
Manage Your Print SubscriptionNZ Herald E-EditionAdvertise with NZMEBook Your AdPrivacy Policy
Terms of UseCompetition Terms & ConditionsSubscriptions Terms & Conditions
© Copyright 2022 NZME Publishing Limited
TOP