Web.com

Web.com® Security FAQs

What happened?

On August 13, 2015, Web.com discovered an unauthorized breach of one of our computer systems. As the result of this attack, the credit card information of approximately 93,000 customers (of the company's over 3.3 million customers) may have been compromised. The company quickly uncovered the unauthorized activity as part of its ongoing security monitoring, shut down the access, and immediately began working with a leading IT security firm to conduct a thorough investigation. We have reported the attack to credit card processors and the proper federal and state authorities. Affected customers have received an email from the company notifying them that their credit card information has been compromised and explaining the steps they must take. A letter, sent via the US Postal Service, will follow in the next few days.

Web.com will provide one-year of free credit monitoring for all customers who have been impacted by this incident.

Has the issue been resolved?

Yes.

How do I know if I was affected by this latest development? Should I call Web.com?

We have sent an email to all customers affected by this incident notifying them that their credit card information has been compromised and explaining the steps they must take. A letter, sent via the US Postal Service, will follow in the next few days. We have a special customer service hotline at 877-218-2561.

Who is Web.com?

Web.com is a leading provider of internet solutions and marketing campaigns for small businesses. Web.com owns numerous brands, including Network Solutions® and Register.com®, along with several other brands. You are receiving this email because, sometime in the past, you have purchased services from Web.com or through one of its other brands.

I've never heard of Web.com, how did you get my information?

Web.com is a leading provider of internet solutions and marketing campaigns for small businesses. Web.com owns numerous brands, including Network Solutions and Register.com, along with several other brands. You are receiving this email because, sometime in the past, you purchased services from Web.com or through one of its other brands.

How far back do the affected credit card data go?

Our record retention policy generally requires us to retain customer data for 7 years.

My card was no longer active. So why am I receiving this notification?

We proactively notified all current and former customers who have credit card information in our system that may have been compromised.

The credit card listed in the email/letter was expired. So why am I receiving this notification?

We proactively notified all current and former customers who have credit card information in our system that may have been compromised.

I cancelled my account with Web.com some time ago. So why am I receiving this notification?

Even though you are no longer a Web.com customer, our record retention policy generally requires us to retain customer data for 7 years. We proactively notified all current and former customers who have credit card information in our system that may have been compromised.

What if I have not received a notification?

We sent an email, on August 18, 2015, to all customers affected by this incident. A letter was mailed via the US Postal Service on August 20, 2015. It is possible you have not yet received your notification. If you do not receive a letter or email by August 30, 2015, you should assume that your credit card was not compromised.

How is Web.com protecting affected customers?

All affected customers will receive one-year of free credit monitoring to detect possible misuse of their personal information and help protect their identity. Enrollment information was included in the email sent to affected customers and will also be included in the letter that will be sent. (US Customers: see information in Table 1, below; Canadian Customers: see information in Table 2, below.)

What customer information was accessed?

Our investigation indicates that the credit card information of approximately 93,000 customers (of the company's over 3.3 million customers) has been compromised, including the name and address attached to these credit cards. Importantly, the card validation codes were not compromised, and no other customer information was accessed.

How could Web.com let all this customer information get accessed?

This unauthorized access is a crime. The company discovered the unauthorized activity as part of its ongoing security monitoring, quickly shut down the access, and immediately began working with a nationally recognized IT security firm to conduct a thorough investigation. We have reported the attack to credit card processors and the proper federal and state authorities. Web.com has very strong and sophisticated security measures in place to protect our computer systems and we regularly review and update our security protocols. Unfortunately, cybercrime is a persistent threat in today's world. Despite our best efforts, no business is immune.

How can I be assured you are taking the steps to protect my information in the future?

Web.com is committed to protecting our customers' information and providing the highest levels of security and reliability. We continue to make significant investments in our internal security processes and systems to prevent incidents like this from occurring. Our goal to protect our customers is of paramount importance to us as we strive to provide a more secure and reliable web environment for our customers.

When did Web.com learn that certain customer information was accessed?

We discovered the breach on August 13, 2015, as part of our ongoing security monitoring.

Why did it take Web.com five days to notify its customers?

The breach was discovered at night and, upon discovering the breach, the company assessed the situation and took steps to notify the proper authorities — banking, state and federal authorities. Next we took the appropriate steps to reach out to affected customers.

How many customers were affected by this incident?

Approximately 93,000 customer accounts may have been impacted.

What customer information was accessed?

Our investigation indicates that the credit card information of approximately 93,000 customers (of the company's over 3.3 million customers) has been compromised, including the name and address attached to these credit cards. Importantly, the card validation codes were not compromised, and no other customer information was accessed.

Does that information include social security numbers?

No social security numbers were compromised.

If I believe that my account or financial information was impacted, does that automatically mean additional information was stolen as well?

No. Our investigation indicates that the only information that may have been accessed was customer credit card information, which included the name and address attached to these credit cards.

Do you think you will find anything else?

We do not expect to find further security issues, but we are continuing with a thorough investigation.

Were any of my online customers affected by this breach?

No. Only the credit card information on file to pay for Web.com services has been affected. The unauthorized access was contained to one computer system.

Were Network Solutions or Register.com customers affected by this breach?

Computer systems supporting Network Solutions and Register.com were not compromised. However, if a Network Solutions or Register.com customer purchased services from Web.com, their credit card information may have been compromised and, if so, they will receive notification directly from Web.com.

Can I still use my existing credit card to pay for my Web.com services? Or do I need to provide a new credit card?

You should contact your financial institution to discuss the status of your existing card. We encourage you to provide us with a different form of payment to ensure you do not experience any interruption in your service.

What should I do now?

You should keep a close eye for any suspicious or unusual activity on any credit/debit cards that you may have used with Web.com. We advise you to monitor your own credit reports through Equifax, Experian, and/or Transunion (see contact information below). To know your rights, you can also visit the Consumer Financial Protection Bureau at: www.consumerfinance.gov. We also encourage you to sign up for the free one-year credit monitoring that Web.com is offering to affected customers, by following the enrollment steps included in the communication sent to you. (US Customers: See information in Table 1, below; Canadian Customers: see information in Table 2, below.)

Have there been any reports of misuse?

You should keep a close eye for any suspicious or unusual activity on any credit/debit cards that you may have used with Web.com. We advise you to monitor your own credit reports through Equifax, Experian, and/or Transunion (see contact information below). To know your rights, you can also visit the Consumer Financial Protection Bureau at: www.consumerfinance.gov. We also encourage you to sign up for the free one-year credit monitoring that Web.com is offering to affected customers, by following the enrollment steps included in the communication sent to you.

There are fraudulent charges on my credit/debit card. What do I do?

Immediately contact the financial institution that issued the credit/debit card and alert them to the fraudulent charges. They will provide you with instructions on how to dispute the fraudulent charges and issue a new card to avoid any further unauthorized activity.

How can I protect my deceased loved one?

You should contact your financial institution to discuss the status of your deceased loved one's card.

This letter is addressed to my family member (spouse, mother, father, etc.). Can you speak to me about it?

Your — spouse, mother, father, etc. — should contact their financial institution to discuss the status of their card.

I never received an activation code to enroll in the credit monitoring services in my letter. How can I receive that code?

The activation code can be found on the email and letter that you have received. For more information, you may call 877-218-2561 and reference #2761081715.

Who did this?

We do not know the identity of the perpetrators.

Has this been reported to the police?

Yes, to the appropriate state and federal authorities.

Why did I receive more than one email and letter?

You received more than one notification email and letter because you have more than one credit card in the system that was breached. You would have received one email and one letter for each credit card we have on file — which are identified by the last four digits of each card.

I am with the police/media, who else can I talk to?

If you are a journalist, blogger or other media outlet, please contact John Herbkersman, from our Public Relations department, at jherbkersman@web.com. If you are from a law enforcement agency, please contact our legal department at legal@web.com.

Will there be updates? How will I be updated?

If there is more information to report, we will update our FAQs found on https://security-faqs.web.com.

Where can I find out more information?

For more information about this security incident, you may call 877-218-2561 and reference #2761081715.

TABLE 1 — US Credit Monitoring Enrollment Information

What we are doing to protect your information:

To help protect your identity, we are offering a complimentary one-year membership of Experian's® ProtectMyID® Alert. This product helps detect possible misuse of your personal information and provides you with superior identity protection support focused on immediate identification and resolution of identity theft.

Activate ProtectMyID Now in Three Easy Steps:

  1. Ensure that you enroll by: November 30, 2015 — The reference number will not work after this date.

  2. To enroll go to: www.protectmyid.com/alert and use the unique activation code found in your email and letter.

  3. Or call 877-297-7780 and use this reference/engagement number: 2761081715; and provide your unique activation code when prompted by the representative. This telephone number is available Monday thru Friday 9 a.m. — 9 p.m. ET and Saturday thru Sunday 11 a.m. — 8 p.m. ET.

Additional details regarding your 12-MONTH ProtectMyID Membership:

A CREDIT CARD IS NOT REQUIRED FOR ENROLLMENT. ONCE YOUR PROTECTMYID MEMBERSHIP IS ACTIVATED, YOU WILL RECEIVE THE FOLLOWING FEATURES:

Once your enrollment in ProtectMyID is complete, you should carefully review your credit report for inaccurate or suspicious items. If you have any questions about ProtectMyID, need help understanding something on your credit report or suspect that an item on your credit report may be fraudulent, please call 877-297-7780.

* Identity theft insurance is underwritten by insurance company subsidiaries or affiliates of AIG. The description herein is a summary and intended for informational purposes only and does not include all terms, conditions and exclusions of the policies described. Please refer to the actual policies for terms, conditions, and exclusions of coverage. Coverage may not be available in all jurisdictions.



Table 2 - Canadian Credit Monitoring Information

T!PS Product Information

T!PS (Total Identity Protection Services) will provide you with:

The various components of the TIPS product offering are:

Alert Notification — Based on changes in any of the above listed items, an alert notification will be provided to the subscriber within one business day of the time data is reported from creditors.

Credit Report — Upon completion of registration and passed authentication, subscribers will receive immediate online access to their credit history via their credit report.

Credit Score — This provides a snapshot of the subscriber's current credit-worthiness based on an evaluation of common factors that many lenders use to determine whether or not to extend credit. It outlines both the positive and negative factors that impact their score and compares their score to the national average.

Full Restoration — idAlerts provides restoration assistance (including full expense reimbursement and Limited Power of Attorney, if requested) in order to restore credit worthiness and identity back to the pre-victim status. This service is provided with a zero deductible and has no ceiling cap on applicable expense reimbursement.

To activate your T!PS subscription:

  1. Visit the http://www.idalerts.ca website

  2. Click on Enroll Now

  3. Complete the registration

  4. Check Box (One Year Plan)

  5. Enter your unique Promo Code which you can find in the email and letter sent to you by Web.com. (By entering the Promo Code, the annual cost will be reduced to “zero” for the term duration (i.e.: 12 months.)

  6. You may call 1-866-353-3131, Monday through Friday, 9:00 a.m. to 5:00 p.m. ET. You will need to provide the representative with your unique Promo Code number.

  7. Your unique Promo Code will expire on November 30, 2015.

Other resources available to the customer affected by this incident:

We recommend that you closely review the information provided in this FAQ for some steps that you may take to protect yourself against potential misuse of your credit and debit information. You should remain vigilant for incidents of fraud and identity theft by regularly reviewing your account statements and monitoring free credit reports. If you discover any suspicious or unusual activity on your accounts or suspect fraud, be sure to report it immediately to your financial institutions. In addition, you may contact the Federal Trade Commission ("FTC") or law enforcement to report incidents of identity theft or to learn about steps you can take to protect yourself from identity theft. To learn more, you can go to the FTC's Web site, at www.consumer.gov/idtheft, or call the FTC, at (877) IDTHEFT (438-4338) or write to Federal Trade Commission, Consumer Response Center, 600 Pennsylvania Avenue, NW, Washington, DC 20580.

You may also periodically obtain credit reports from each nationwide credit reporting agency. If you discover information on your credit report arising from a fraudulent transaction, you should request that the credit reporting agency delete that information from your credit report file. In addition, under federal law, you are entitled to one free copy of your credit report every 12 months from each of the three nationwide credit reporting agencies. You may obtain a free copy of your credit report by going to www.AnnualCreditReport.com or by calling (877) 322-8228. You may contact the nationwide credit reporting agencies at:

Equifax
(800) 525-6285
P.O. Box 740241
Atlanta, GA 30374-0241
www.equifax.com

Experian
(888) 397-3742
P.O. Box 9532
Allen, TX 75013
www.experian.com

TransUnion
(800) 680-7289
Fraud Victim Assistance Division
P.O. Box 6790
Fullerton, CA 92834-6790
www.transunion.com

In addition, you may obtain information from the FTC and the credit reporting agencies about fraud alerts and security freezes. You can add a fraud alert to your credit report file to help protect your credit information. A fraud alert can make it more difficult for someone to get credit in your name because it tells creditors to follow certain procedures to protect you, but it also may delay your ability to obtain credit. You may place a fraud alert in your file by calling just one of the three nationwide credit reporting agencies listed above. As soon as that agency processes your fraud alert, it will notify the other two agencies, which then must also place fraud alerts in your file. In addition, you can contact the nationwide credit reporting agencies regarding if and how you may place a security freeze on your credit report to prohibit a credit reporting agency from releasing information from your credit report without your prior written authorization.

If you have been a victim of identity theft and you provide the credit reporting agency with a valid police report, it cannot charge you to place, lift, or remove a security freeze. In all other cases, a credit reporting agency may charge you up to $5.00 each to place, temporarily lift, or permanently remove a security freeze. To place a security freeze on your credit report, you must send a written request to each of the three major consumer reporting agencies listed above.

In order to request a security freeze, you will need to provide the following information:

  1. Your full name (including middle initial as well as Jr., Sr., II, III, etc.);

  2. Social Security number;

  3. Date of birth;

  4. If you have moved in the past five (5) years, the addresses where you have lived over the prior five years;

  5. Proof of current address (e.g., a current utility bill or telephone bill);

  6. A legible photocopy of a government issued identification card (e.g., state driver's license or ID card or military identification);

  7. If you are a victim of identity theft, a copy of either the police report, investigative report, or complaint to a law enforcement agency concerning identity theft;

  8. If you are not a victim of identity theft, payment by check, money order, or credit card (Visa, MasterCard, American Express or Discover only). Do not send cash through the mail.

The credit reporting agencies have three (3) business days after receiving your request to place a security freeze on your credit report. The credit reporting agencies must also send written confirmation to you within five (5) business days and provide you with a unique personal identification number (PIN) or password, or both that can be used by you to authorize the removal or lifting of the security freeze. To lift the security freeze in order to allow a specific entity or individual access to your credit report, you must call or send a written request to the credit reporting agencies by mail and include proper identification (name, address, and Social Security number) and the PIN number or password provided to you when you placed the security freeze, as well as the identities of those entities or individuals you would like to receive your credit report or the specific period of time you want the credit report available. The credit reporting agencies have three (3) business days after receiving your request to lift the security freeze for those identified entities or for the specified period of time.

To remove the security freeze, you must send a written request to each of the three credit reporting agencies by mail and include proper identification (name, address, and Social Security number) and the PIN number or password provided to you when you placed the security freeze. The credit reporting agencies have three (3) business days after receiving your request to remove the security freeze.