Having a third party play a role in the breach highlights that even if a company does everything right from a security perspective, it often has no control over other companies in a supply chain. Because registrars are the equivalent of a hacker jackpot, they have to be more vigilant about the security of their partners.
"They make really attractive targets and their security ought to be better than any one organization that they're hosting a domain for," Schultz said of registrars.
Melbourne IT is not the only registrar to suffer a breach. In April, Network Solutions reported a large-scale infection of sites it hosted. The attackers were able to inject malicious code into the sites.
Melbourne IT, which provides domain name registration in most of the major national and global top-level domains, is considered above average in security. Nevertheless, the recent hack demonstrates no registrar is safe.
Jamie Blasco, lab director for AlienVault, said: "This will be an example that will show [customers] how they can perform better risk assessments."
Sign up for Computerworld eNewsletters.