Networks Solutions, a popular domain name registrar, is revealing the real identity of the domain name owner even though the domain name owner has opted-in and paid for their domain name privacy service. When a domain name is registered, buyers have the option of paying $9.99 per year extra to keep their domain name ownership private. But a loophole in Network Solutions’ own domain name management system reveals the real owner of any domain name, even those who wish to keep their names private.

If a domain name is registered with Network Solutions, and that domain name is currently using Network Solutions’ Private Registration services, here is how you can “get past” the private registration service–using Network Solutions’ own system to reveal the true owner of a domain name:

1. Go to the Network Solutions “Forgot Password” page:
https://www.networksolutions.com/manage-it/forget-login.jsp

2. On the right side, under “Retrieve Your User ID”, enter the domain name as shown below:

3. Click “Retrieve User ID”.

The domain name contacts are revealed (although the actual domain name owner(s) are being hidden in the whois of the domain name. See below:

In this specific example, I used the domain name Social.com because in this case the domain name is under Private Registration, meaning that the owner does NOT want to be revealed. However, using Network Solutions’ own services, you can see who really owns the social.com domain name. Below is a screen capture of the social.com domain name whois information, which is on privacy:

In this case, someone named “Alica Del Valle” actually is listed as the Primary Contact of the domain name Social.com. A Google search and perhaps some other creative searching and looking around (perhaps even using LinkedIn.com), may reveal the owner of the domain name’s contact information. But, as you can see, this is obviously a big fail when it comes to privacy on behalf of Network Solutions customers.

A hat tip goes out to fusible for mentioning this in a recent post.