• United States



Network Solutions warns merchants that hackers may have stolen transaction data on 500,000

Jul 24, 20094 mins
Core Java

Networks Solutions warned merchant customers Friday than criminals had hacked into their servers between March and June of this year and may have collected details on 573,928 credit card transactions.

Here’s the letter that was sent to merchants:

URGENT: Customer Data Security Alert

Dear Network Solutions Merchant:

We believe that some credit card transactions that took place on your website this past spring

were intentionally diverted from certain of our servers to servers outside Network Solutions by an

unknown source. We believe this may have resulted in unauthorized access to credit card account

numbers, names and addresses of some of your customers. At this point, we have no reports or

other reasons to believe that any credit card account information has been misused and, under

established practice, credit card issuing companies generally will not hold your customers liable for

any fraudulent purchases made using their credit card account numbers that are reported in a timely

way to the issuer.

Your Next Steps:

Under various state statutes, a retailer is to inform its U.S. customers when the security of their

personal information is compromised. To help with this responsibility, we have engaged

TransUnion, one of the leading credit reporting bureaus and an organization with extensive

experience helping companies address customer security issues, to help you with the required

communications to your U.S. customers.

• Step 1: Go to and login using your Network Solutions

username and password.

• Step 2: Follow the instructions on the website and opt-in if you would like TransUnion

to handle notification to your potentially affected U.S. customers.

What TransUnion Will Do:

Free of charge to you and your customers, Network Solutions has arranged for TransUnion to

do the following:

• Provide communications to your U.S. customers that comply with the notification

requirements of individual states as appropriate and provide information that will help your

customers protect their credit card accounts;

• Assemble the mailing lists required for outreach to your U.S. customers;

• Handle the mailing of these communications to your U.S. customers;

• Establish and operate a toll-free hotline that your U.S. customers can call for information;


• Provide your U.S. customers with 12 months of free credit monitoring.

You do not have to pay for these services. Network Solutions will pay TransUnion to provide

these services to you and your U.S. customers. If you elect to use this service, Network Solutions

will provide to TransUnion, on your behalf, the necessary information about potentially affected

customers. If you have any questions about TransUnion’s services please visit

What Happened:

In the ordinary course of business, Network Solutions identified unauthorized code on servers

supporting some of our E-Commerce merchants’ websites. We promptly removed this code, and all

of our E-Commerce servers are functioning properly. No servers supporting

were affected.

After conducting an analysis with the assistance of outside experts, we determined that the code

may have been used to transfer data on certain transactions for approximately 4,343 of our more

than 10,000 merchant websites to servers outside the company. The code may have captured

transaction data from approximately 573,928 cardholders for certain periods this spring. Exposure

varied by merchant, but in all cases took place sometime between March 12, 2009 and June 8, 2009.

Transactions after June 8, 2009 were not exposed to the unauthorized code.

We have also informed the appropriate law enforcement agencies of the matter and are working

closely with them on the investigation.

This problem has NOT affected any transactions your customers may have completed

after June 8, 2009, nor any transactions they may make in the future. When you login at you will be given the date range for the transactions that may have been


Our Commitment to You:

Your ability to rely on the safety and security of our solutions is our highest priority. We pride

ourselves on our ability to help you build your business, and we are deeply sorry that this has

occurred, and for the concern and inconvenience it causes you and your customers. Unfortunately,

any company operating in our business could have become a victim of this kind of invasion.

Network Solutions is taking action to make it as easy as possible for you to assist your customers

and preserve their goodwill.

Network Solutions is committed to providing you with the solutions you need to build your

business, and to making every effort to ensure that we fully address your concerns and those of your


Additional information including frequently asked questions is available at If you still have questions after visiting the website, please call Network

Solutions at 888-642-0297.


Roy Dunbar

Chairman & CEO of Network Solutions