Namecheap breach exposes users' domains to hackers

News by Ava Fedorov

Domain manager and hosting provider, Namecheap, issued an “urgent security warning” on its blog early this week in response to the leak of user account details by hackers. The security breach is thought to be a direct result of the recent disclosure of the login information of over 1 billion users, compiled and leaked by Russian hackers.

Despite persistent, rapid-fire attempts to control accounts, the attackers have been thwarted for the most part by Namecheap's “aggressive” blocking of suspicious IP addresses that appear to be using the stolen data, according to the company's blog. The data is also being given to law enforcement for further examination.

“It's clear that we've reached a point where usernames and passwords alone are no longer good enough,” Phil Turner, VP EMEA at Okta, commented in an email to “It's vital that all organisations are enforcing multi-factor authentication – which requires two or more factors to verify the legitimacy of the user,” he advised, a move which “reduces the risk of unauthorised access, should password details be compromised.”

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews