Minds + Machines Registrar Security Breach

I was informed by a reader that there was a security breach today at the Minds + Machines registrar.

An email was sent at approximately 12:00 UTC on August 11, 2014 from one of the Minds + Machines customer support email accounts redirecting customers to link with a false Google Drive account page. If you have a Gmail account and you entered your details, please immediately change your Gmail account password.

Minds + Machines believe that one of their customer service representatives computers may have been compromised.

All email addresses to which this email was sent are visible to other customers.

The registrar was very active during the .London New gTLD priority phase that didn’t run smoothly.

Here is the complete email to customers from Minds + Machines today:

Dear Minds + Machines Customer,

To help ensure customers? trust and security on Minds + Machines, I would like to remind you that Minds + Machines staff will NEVER ask you for your accounts? password via email. Our number one goal is to keep our site and information secure.

If you are receiving this email, you may have received an email at approximately 12:00 UTC on August 11, 2014 from one of our customer support email accounts redirecting you to link with a false Google Drive account page. If you have a Gmail account and you entered your details, please immediately change your Gmail account password.

We believe that one of our customer service representatives computers may have been compromised. We take this issue very seriously, so we are currently running security scans on all of our computers.

We do apologize for any inconvenience or concern this may cause you. Nothing is more important to Minds + Machines than the security and trust of our customers. We know our customers have high expectations of us, and we are committed to ensuring a safe and secure online experience for you on any connected device.

Wendy Bury
Head of Customer Service
Minds + Machines Registrar

Sold.Domains

About Konstantinos Zournas

Konstantinos studied Computer Engineering and Computer Science in London and lives in Athens, Greece. He works on domain names, websites and software development. Has been online since 1995 & domaining since 2002.

3 comments

  1. Phishing is the #1 method by witch account credentials get compromised. Never click on email links, always visit the web site (PayPal, GoDaddy etc.) directly.

  2. witch = which, Freudian slip 😛

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.