This may be old news to a degree, but I don't think the event got loud enough media coverage, so some some may have missed it. But, this column (http://voices.washingtonpost.com/securityfix/2008/12/digging_deeper_into_the_checkf.html)from the Washington Post presents a in-depth look at how the exploit occurred, and focuses on how apparently stolen credentials were presented to Network Solutions and used to redirect traffic for several hours to a bogus server. CheckFree handles about 70-80% of online bill payments in the U.S.

Ouch... I hope they work out exactly how this was done, seems to be mostly guess work from that report.

Ouch... I hope they work out exactly how this was done, seems to be mostly guess work from that report.

True as it relates to how the credentials were obtained, but I personally read the responses from CheckFree and Network Solutions as meaning, "Holly Cow! We weren't prepared for that and don't really have a fast security fix waiting in the wings."

Maybe it's just 20/20 hindsight, but I don't see how this kind of attack was apparently totally unanticipated by Network Solutions. And just look at all those pretty eggs in a single basket! No wonder the Cybercriminals seem to be winning. (http://voices.washingtonpost.com/securityfix/2008/12/report_cybercrime_is_winning_t.html)

It can't have been unanticipated, surely they know the golden rule - the biggest security risk is from within...