|“Moniker’s Operations & Security team has discovered and blocked suspicious activity on the Moniker network that appears to have been a coordinated attempt to access a number of Moniker user accounts,” the company said in the notification sent to customers. |
“While our password encryption measures are robust, we are taking additional steps to ensure that your personal data and domains remain secure. This means that, to be absolutely sure of the security of your account, we are requiring all users to reset their Moniker account password,” Moniker said.
Official Moniker announcement. [t.lt02.net]
|brotherhood of LAN|
Hopefully anyone involved here has kept their contact details up to date.
Hopefully nobody used the same password there and at any other place ...
Interesting that they're asking customers to use the e-mail a new password method rather than having people log in and then use the password reset feature that already exists in the control panel.
|Interesting that they're asking customers to use the e-mail a new password method rather than having people log in and then use the password reset feature that already exists in the control panel. |
Yes, this is all very poorly handled. I'm locked out of my account until I hear back from support. Moving my domains elsewhere when/if I get back in.
I had to call up Support for one account. The call was answered immediately and my issue was fixed very quickly.
I'd rather have them notify account holders of a breach, and initiate a password reset campaign like this though. Sure, it's probably stretching their resources at the moment, but I think they did the right thing. Perhaps this will encourage them to smooth out their account management system and to add more security options.
I'll admit this isn't the sole reason why I'd prefer to move things elsewhere, but the fact that support isn't responding to my e-mails does nothing but reinforce that preference. The interface hasn't changed in a while, for one, despite the fact that it's not very usable. I did get back into my account, thankfully, after they somehow (weirdly) changed the security question and I was able to answer that successfully.
The worst part of this is that I had to log into Moniker and
1. As is frequently the case, I seem to have to do a password reset and can't actually manage it without calling support. Now I manage hundreds and hundreds of logins and there are only about 2-3 where I seem to have persistent problems.
2. Then I log in and my head hurts. How do I *do* anything on that website?
The only thing that keeps me there is inertia and memory decay (in oterh words, when I'm ready to overcome the inertia, I forget why I dislike Moniker so much).
|Hopefully nobody used the same password there and at any other place ... |
Second login compromised this month and second one that was a randomized, auto-generated password. It's always reassuring to look at my old password and realize that it is not used elsewhere.
A few years ago, I created an account with moniker and tried to register a domain.
The domain was available, but moniker wouldn't register it.
A few days later, I received a message from the "security division" at moniker asking me to confirm some information I had provided, or otherwise the domain wouldn't be registered.
I then asked if, should in the future I want to register a domain in a hurry, I would be subject to such delays.
The person said that he was THE "security division" at moniker; he was in holidays when I tried to register the domain, hence the delay.
In the future, should he be again in holidays, yes, I would have to wait for his return.
I asked for a refund (they kindly agreed) and never came back to moniker.
Alrighty . . Just went to login x4 and each time I get . . . "!Problem loading page! The connection has timed out."
Maybe their hacker friends aren't yet done having fun?
Or maybe their security expert has decided that making the site inaccessible will be the best solution for now?
So having decided that the email I got from them last month was a phishing attempt (it was sent through some other company's system, NOT moniker.com)I finally discovered today that I couldn't logon. I tried the 'forgot password' link but I was asked security questions I have no recollection whatsoever of. I emailed support but got a standard automatic reply asking me to submit a ticket. I filled in all the details, clicked the submit button and was asked to logon before it could be sent. I couldn't logon because ............
What a shambles.
On another note; if and when I finally do get another password it will be alphanumeric only, special characters are not accepted. No wonder they got hacked.
So I finally got through to Moniker via my Snapnames account (!) only to get a boilerplate request to phone them. Much against my will I tried to do so instead of going to bed (Like, I suspect, most of their customers I am in a different timezone) only to give up trying half an hour later. Does anyone know any way of actually contacting a real live person in this company?
|So having decided that the email I got from them last month was a phishing attempt (it was sent through some other company's system, NOT moniker.com) |
I just re-checked all the notices I was sent about this. They all came from moniker.com e-mail addresses, but looking at the header they did use some service called listrak which may have thrown things for you.
As mentioned above, I did have to call them. During the earlier days of this issue they must have had additional staff allocated because I was surprised to reach someone outside their regular business hours.