Melbourne IT admits hack, says 'twas but a flesh wound
Report says Oz outfit hacked to harm Twitter's DNS
Australian domain registrar Melbourne IT admits “an unauthorised third party” has attacked the company, but says the incident was minor.
Domain name registrars have been copping it of late, with name.com yesterday forced to reset its customers' passwords after an attack and Linode taking the same precaution in mid-April.
Online naughtiness perpetration outfit Hack the Planet is thought to have had a hand in name.com's woes and has claimed responsibility for the latter, and for the attack on Melbourne IT. The page on which it does so is now available only through cache trickery here, but says “Xinnet, MelbourneIT, and Moniker” have all been breached. The page also says a dump of registrar information has been released, but the URL at which the file is supposed to live is gone, as is any cached trace.
Domain Name News reports that Hack the Planet targeted Melbourne IT because it does domain business for Twitter.
Melbourne IT offered The Reg the following statement about the incident:
“Melbourne IT is aware of an incident where an unauthorised third party attempted to access Melbourne IT servers. The attacker managed to gain limited access to a low-level server which hosts content for one of Melbourne IT’s non-retail websites but hosts no customer data nor sensitive company data. Our investigations have found no evidence of any data loss and no evidence of unauthorised access to any other Melbourne IT system.”
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Trusted Platform Module
- Zero trust