[ad_1]
Domenai.lt sent this letter to its clients (we present an edited version).
“Hello, these days a lot of personal data has been published from various Lithuanian websites. The truth is that there are no invulnerable systems, there is very little time, very little knowledge or very little desire to break them. Unfortunately, although we are probably crazy about security , there is a possibility that the security of our database has been compromised.
Why are we writing this post? We value honesty above all else and protect the personal data entrusted to us to the best of our ability. We want to apologize, inform and protect you if our suspicions are confirmed.
What happened? This Friday (February 26, 2021) we received a notification that the security of our database has been compromised. We immediately launched an investigation into this incident and have taken every precaution to ensure maximum protection of your personal data and services should the information be verified.
A fragment of the database was provided to us later, but no personal data was seen in it. The notifier did not indicate whether he knew the personal data. We currently have no information to filter your personal information. We closely follow the situation, we investigate all possible scenarios.
What data could have been leaked? Name, surname, address, phone number, email address, encrypted account login password, and information about the domains you own.
What data could not be filtered? Personal identification number (we do not collect or ask during registration). Copy of identity document (not collected). Credit card data (not collected). Login passwords for hosting services (not accumulated). Site login passwords (not collected). Mailbox email login passwords (not accumulated).
Is it possible to steal existing domains with potentially stolen information? No, there is no such possibility. Although we have no information that the data has been leaked, we have changed the authorization codes for all domains. Even if the information is verified, made public, your domains are safe, old authorization codes are invalid, have no value, they are removed.
The data is currently public, is it offered for purchase? At this point, the data is not public, it is not known if it was leaked. It is not offered for purchase.
What are the potential threats? Don’t wait for you and change your passwords when possible to enable 2-level authentication (2FA). Don’t take chances, especially if you use the same password on multiple systems, like Gmail, Facebook, etc.
There may be an increase in spam emails or promotional phone calls. It will not be possible to request and pay for services on your behalf on our website or other portals, as we do not collect payment cards or other data necessary to make a payment.
What steps have we taken? 1) We change the authorization codes of your domain, we delete the old ones.
2) If you have not logged into the Paskyra.domenai.lt website for a year, we have changed your password to a random one. If you cannot log in, please use the password reminder function.
3) To protect the login to your domenai.lt account as much as possible, from now on we will enable mandatory 2-level authentication for all customers. It may not be that convenient, but security is very important to us, we will make sure that security does not interfere with convenience.
4) We carry out an audit of the computer system.
5) We have implemented additional security measures.
6) We reported the possible incident to SDPI and are preparing a statement to the police regarding the initiation of the pre-trial investigation.
Once again, we sincerely apologize and if you have any further questions please reply to this email. We hope the data does not leak.
We will continue to do everything possible to ensure that the data you entrust to us. If we have additional information, we will inform you further. All your questions will be answered by the Domenai.lt support team: Kristina, Tautvydas, Donatas. email: [email protected]. “.
[ad_2]
