The top domain registrars that were recently hacked include Name.com, Melbourne IT, Moniker and Xinnet. Just these 4 companies are responsible for over 6 million domain name registrations. After running security checks, Name.com told us
"that unauthorised individuals had accessed [their] database. After doing some digging [the company] found that the attack seemed to be geared toward a few specific accounts. The hackers had a target and name.com was a means to that end."
Name.com provides a detailed blogpost on the attack here (We got hacked).
The post also details that the hackers who focused on these specific accounts said,
"the information that was accessed includes usernames, passwords, physical addresses, email, hashed passwords and encrypted credit card data. EPP codes (required for domain name transfers) are not stored in the same place so those were not compromised." To help out the "techies who are wondering", they explain the "encryption on the credit card information is 4096 bit RSA."
After this incident, all customers were alerted to do a password reset. The hack is believed to have been carried out by a group called Hack the Planet (HTP), a group who claimed they attempted to hack Linode (a virtual private server hosting firm).
Most of these registrars have sent out emails to request you to change your password with a link within the email. This was heavily criticised and users became a little wary if they should actually click on the link and change their passwords.
"The problem with encouraging people to click email-borne links (which could have come from anywhere, or could point to anywhere) for anything relating to logging in or password reset is this: it softens them up to email links that end up at 'enter your password' dialogues." - Paul Ducklin on the Sophos NakedSecurity blog
"That plays into the hands of phishers, so please don't do it."