eBay Inc. To Ask eBay Users To Change Passwords

eBay-Inc.-To-Ask-eBay-Users-To-Change-PasswordsHello and Assalamo Alaikum,

Got shocked? Why wouldn’t you be yeah… This is scary when you come to know eBay’s database got compromised! That must have taken so much in depth knowledge about hacking and sad to know people waste time in doing wrong stuff rather than getting themselves settle down at right place.

As per eBay blog:

“eBay Inc. (Nasdaq: EBAY) said beginning later today it will be asking eBay users to change their passwords because of a cyberattack that compromised a database containing encrypted passwords and other non-financial data. After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats. However, changing passwords is a best practice and will help enhance security for eBay users.

Information security and customer data protection are of paramount importance to eBay Inc., and eBay regrets any inconvenience or concern that this password reset may cause our customers. We know our customers trust us with their information, and we take seriously our commitment to maintaining a safe, secure and trusted global marketplace.

Cyberattackers compromised a small number of employee log-in credentials, allowing unauthorized access to eBay’s corporate network, the company said. Working with law enforcement and leading security experts, the company is aggressively investigating the matter and applying the best forensics tools and practices to protect customers.

The database, which was compromised between late February and early March, included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth. However, the database did not contain financial information or other confidential personal information. The company said that the compromised employee log-in credentials were first detected about two weeks ago. Extensive forensics subsequently identified the compromised eBay database, resulting in the company’s announcement today.

The company said it has seen no indication of increased fraudulent account activity on eBay. The company also said it has no evidence of unauthorized access or compromises to personal or financial information for PayPal users. PayPal data is stored separately on a secure network, and all PayPal financial information is encrypted.

Beginning later today, eBay users will be notified via email, site communications and other marketing channels to change their password. In addition to asking users to change their eBay password, the company said it also is encouraging any eBay user who utilized the same password on other sites to change those passwords, too. The same password should never be used across multiple sites or accounts.

About eBay Inc.

eBay Inc. (NASDAQ: EBAY) is a global commerce and payments leader, providing a robust platform where merchants of all sizes can compete and win. Founded in 1995 in San Jose, Calif., eBay Inc. connects millions of buyers and sellers and enabled $205 billion* of commerce volume in 2013. We do so through eBay, one of the world’s largest online marketplaces, which allows users to buy and sell in nearly every country on earth; through PayPal, which enables individuals and businesses to securely, easily and quickly send and receive digital payments; and through eBay Enterprise, which enables omnichannel commerce, multichannel retailing and digital marketing for global enterprises in the U.S. and internationally. We also reach millions through specialized marketplaces such as StubHub, the world’s largest ticket marketplace, and eBay classifieds sites, which together have a presence in more than 1,000 cities around the world. For more information about the company and its global portfolio of online brands, visit www.ebayinc.com.

* This adjusted number reflects decision to remove vehicles and real estate GMV from ongoing total GMV and ECV metrics (previously stated ECV for 2013 was $212 billion, incorporating vehicles and real estate GMV).”

Many people over the world shopping online must be having an eBay account and I strongly suggest to change your passwords as quick as possible. Also make sure to use combination of letters, numbers and special characters. As always security remains a concern over the internet and when giant companies gets into trouble that’s not a good sign for rest of the world over internet.

Welcome to my newest sponsor – DotClub


Hello and Assalamo Alaikum,

I would like to give a very warm welcome to my newest sponsor – DotClub – is a Fort Lauderdale, Florida based company founded by serial entrepreneur Colin Campbell (Tucows, Hostopia).

The Company was formed in 2012 specifically for the purpose of applying for and operating the new generic top level domain name (gTLD) “.CLUB”  as well as to create a complimentary online social network platform for clubs and membership organizations.











According to Namestat.org, Top10 Fastest Growing gTLDs are as follows:


And for Top 10 Best Selling gTLDs along with the number of registrations you will see .club at 2nd place as of now:

.guru – 57,032
.club – 48,271
.berlin – 47,281
.photography – 35,470
.在线 (online) – 31,423
.email – 29,454
.link – 24,563
.today – 24,081
.tips – 22,186
.company – 18,741

As you know Sunday is normally slow day for domain registrations but .club hasn’t been slowing compare to the starting days of general availability. I have seen DotClub team doing excellent marketing in promoting their gTLD. It seems they are unstoppable and why wouldn’t they be when the company is well funded, having raised $8.2 million from investors.

To be honest I haven’t registered any .club domain or any other gTLDs. That doesn’t mean I don’t like .club domains. It’s just that my focus is more on .com domains but I will surely explore deeply wherever I see the opportunity coming my way.

I am very delighted to have them as my newest sponsor of AbdulBasit.com

I sincerely wish them best of luck in reaching the top of gTLDs game.

Feel free to showcase your .club and let everyone know.

Change your passwords as URL shortener Bit.ly gets hacked

Change-your-passwords-URL-shortener-Bitly-gets-hackedHello and Assalamo Alaikum,

Recently I came to know about Bit.ly account credentials may have been compromised. I personally never used this URL shortener service but many people do as I just checked their Alexa Traffic Rank is just 290 which is really good in terms of traffic to their domain. It was a shock to see such a big site getting their user’s data compromised somehow. But things look better and hopefully they will take the necessary steps in order to keep thing completely safe and secure.

If you guys have an account with them I strongly recommend you to change the password. Complete detail on what’s going on right now and what steps to follow for securing your account are here:

Also I will copy the message from the above link:

UPDATE #4 – MAY 11 at 11:33AM EDT: We are sending an email to all users from the domain bitlysupport.com outlining the steps to secure your account.  If you have already followed the steps to secure your account, you do not need to do so again.

UPDATE #3 – MAY 9 at 2:45PM EDT: We have updated this post to address questions regarding the Bitly iPhone app.

UPDATE #2 – MAY 9 at 10:30AM EDT:  We have updated this post to explain what specifically was compromised and we’re encouraging all of our users to secure their Bitly accounts by following the recommendations listed below.

UPDATE #1 – MAY 8 at 8:32PM EDT: We have updated the section of this post regarding users who have Twitter or Facebook accounts connected to their Bitly accounts.

We have reason to believe that Bitly account credentials have been compromised; specifically, users’ email addresses, encrypted passwords, API keys and OAuth tokens. We have no indication at this time that any accounts have been accessed without permission. We have taken steps to ensure the security of all accounts, including disconnecting all users’ Facebook and Twitter accounts. All users can safely reconnect these accounts at their next login.

We are recommending all Bitly users make these changes. Please take the following steps to secure your account: change your API key and OAuth token, reset your password, and reconnect your Facebook and Twitter accounts.

We invalidated all credentials within Facebook and Twitter. Although users may see their Facebook and Twitter accounts connected to their Bitly account, it is not possible to publish to these accounts until users reconnect their Facebook and Twitter profiles.

Following are step-by-step instructions to reset your API key and OAuth token:

1) Log in to your account and click on ‘Your Settings,’ then the ‘Advanced’ tab.

2) At the bottom of the ‘Advanced’ tab, select ‘Reset’ next to ‘Legacy API key.’

3) Copy down your new API key and change it in all applications. These can include social publishers, share buttons and mobile apps.

4) Go to the ‘Profile’ tab and reset your password.

5) Disconnect and reconnect any applications that use Bitly. You can check which accounts are connected under the ‘Connected Accounts’ tab in ‘Your Settings.’

We have already taken proactive measures to secure all paths that led to the compromise and ensure the security of all user data going forward.

If you’re experiencing any trouble with the Bitly iPhone app, please update to the latest version found here.  We have expedited an update to address any issues.

If you have account-specific questions, you can reach us at support@bitly.com.

We take your security and trust in us seriously. The team has been working hard to ensure all accounts are secure.  We apologize for any inconvenience and we will continue to update our Twitter feed, @Bitly, as we have any further updates.

Thank you.

Mark Josephson
CEO, Bitly”

Security is always a concern on internet and we must make sure to keep our passwords a combination of letters, special characters and numbers. Also try to keep different passwords for all the sensitive and important sites you think are for yourself.

DropCatch.com – new domain backordering company with worst possible issue

DropCatch-another-backordering-companyHello and Assalamo Alaikum,

I am not sure if you guys are aware of new backordering service which was publicly beta launched some time back. I came to know about them when I placed the backorders with SnapNames, NameJet and other companies I found that it was caught by a company called DropCatch.com.

Later I found they are part of HugeDomains and they have caught over  1,000,000 for themselves and recently launched DropCatch for public. They offer backorders for .com and .net domains only. According to the conversation I had with them in past they currently have no plans to expand this to other TLDs.

So when I placed my first backorder it was clear that I was the winner because I received an email from them being the winner and can proceed to make payment of $59 and I tried to topup my account but later found that there were some more bidders and their support team apologized by saying we are still in beta and there was a bug which has been fixed. So ultimately the domain went through 5 days auction process. Yes, 5 days auction.

I gave my feedback to their team for changing from 5 days to 3 days and change the auction finish time 3 hours earlier which is quite near to what SnapNames, NameJet and other auction platform time ends. I was happy to see both these changes were made quite quickly and I appreciate that.

But the main problem is whatever the domain I have backordered goes into “Public Auction” since I started using them still exists and they don’t just care about it. Surely, it will hurt them in future and I hope they will listen to their clients or start losing them quickly.

This “Public Auction” is the worst thing I have seen at any backordering company. Let me give you an example for recently concluded auction at DropCatch. I backordered Bespoke.com along with other 44 bidders who had ordered this domain before it was caught by DropCatch. So once the auction started until it finished there were a total of 54 bidders. An increase of 10 bidders jumping into the action and I tell you all those additional bidders came really pumped up the bidding war. My highest bid was in five figures but if those people hadn’t come my chances to win that domain were far better.

Now I don’t have any complaints for those who jumped in at later stage or were not part of the initial backordering stage. All I have problem is with DropCatch system and their team who doesn’t really care about this. I have asked them numerous times to get rid of this or you will start losing interest from people involved in using your backordering service. Their answer as always was that I am the ONLY person who is asking for this change and no one else does!

Is that what you think DropCatch? Check out the comment section at DomainNameWire and you will come to know if I am the ONLY person dissatisfied and asking change for betterment.

This doesn’t make any sense to me that 2 people doing their research, putting all efforts and time finding the gem out of the rough and once the auction starts I simply jump in and start bidding including all other people who were not aware of that domain before the domain got started as public auction. That’s simply waste of time and utter nonsense for the person who did this research. Do you (DropCatch) think we domainers have plenty of time to waste?

Yes, I am still using them because there are not much people who knows about them compare to bidders at SnapNames and NameJet. So with less competition there is always a chance to get a domain at lesser price.

So any one had experienced DropCatch backordering service and what are your thoughts? Feel free to post a comment 🙂


Received a response from DropCatch.com official after I sent my and DNW article link mentioned below:

Hello AbdulBasit,

We are following the domain name article and have been discussing the issue you have raised for quite some time.

These things don’t change overnight and we will let you know (probably with a DropCatch blog post) what we decide to do when we have decided it. A lot goes into keeping something like this running. Your patience is appreciated.