ICANN corporation officially announced that it had undergone a cyber attack. Experts that conduct the investigation suppose that in the end of November a number of employees received emails allegedly sent from the very ICANN domain. In fact, it was a carefully organized phishing attack that some of the stuff fell victims to.
As a result criminals managed to get access to the account names of staff’s emails and several internal systems of ICANN. In particular, cyber attack organizers gained access to the Centralized Zone Data System (CZDS), including zone files and some information about the users – their names, passwords, postal and email addresses and telephone numbers. At the moment all CZDS passwords are deactivated and users are asked to apply to ICANN to receive new ones. Moreover, users should take steps to ensure security of their other online accounts.
Furthermore, several other systems have been compromised – the ICANN GAC Wiki, the ICANN Blog and the ICANN WHOIS information portal. ICANN corporation has no evidence of whether intruders managed to access any other system. It also states that the attack hasn’t impacted IANA systems, directly related to the domain space management functions.
ICANN is investigating the incident and takes additional measures to strengthen security. The corporation believes that it is vitally important to make information about the cyberattack public, since it is committed to transparency. ICANN hopes that these data can be useful to all parties potentially affected by the incident.
