Network Solutions has disclosed that almost 600,00 consumers have had their credit card information stolen from merchant sites hosted by the company.
According to the company’s web site, “In the ordinary course of business, Network Solutions identified unauthorized code on servers supporting some of its ecommerce merchants’ websites.”
Network Solutions reports that 4,343 different web merchants were compromised and 573,928 individual credit card holders were exposed to having their financial records “captured” by sources outside the company.
Network Solutions is a major vendor of web services including domain names, web hosting and even selling e-mail accounts for $4.99/month in the face of all the free alternatives.
It is reasonable to expect that a great majority of the more-than half million people exposed in this identity theft have no knowledge that their credit information was not only being handled by the merchant but also by corporate warehouse of personal data. The Network Solutions Privacy Policy is vague on the subject, generally asserting that third parties (presumably the merchants) have obtained the proper permissions to place the data with Network Solutions.
To mitigate potential direct damages, Network Solutions has agreed to provide any affected person with a one year free credit monitoring service by Transunion, one of the two major credit reporting agencies.
If you were affected by this security breach, Network Solutions states you will receive a letter from your credit card company that will include a gift certificate code which can be entered directly at this Transunion web site.
Network solutions did not address the predictable other harms that will occur to many of the half million victims such as being required to expend time, money and emotional strain restoring their identity if their financial information is successfully exploited outside the scope of Transunion monitoring.
While Network Solutions Terms of Service thoroughly indemnifies itself as against its customers, there may be a legal question whether or not it can indemnify itself against its customers’ customers.
So far, there have been no official reports of impending class action law suits.
