The breach happened Aug.13. The company discovered the unauthorized activity as part of its ongoing security monitoring and shut down the access. The scheduled monitoring found the breach the day it happened.
Web.com reported the crime to authorities and has been working with a nationally recognized information technology security firm to conduct an investigation into the attack, according to the filing.
"The security of our customer information is a high priority for Web.com. Our goals are simple – to protect our clients from internet attacks and, in the event that an attack succeeds, to fix the problem immediately," said David L. Brown, chairman, CEO and president of Web.com in a prepared statement.
Web.com spokesman John Herbkersman said the probe into the breach will be exhaustive. "The investigation is going to take some time," he said. "They [security] are looking at every piece of coding inside our firewalls."
Customers that may have been impacted by the breach are receiving an email detailing the steps the company is taking. A letter, sent via the US Postal Service, will follow, according to the company.
Web.com reported in the filing it would provide one-year of free credit monitoring for all customers who have been impacted by the breach.
Web.com has set up a FAQ page for customers that may have been impacted by the breach athttp://security-faqs.web.com.
The full text of the SEC filing is at http://1.usa.gov/1E37SYX.
Bill Bortzfield: (904) 359-4226; Drew Dixon (904)-359-4098