The Organization That Coordinates All The Internet Domain Names In The World Got Hacked

ICANNLOGOIf the Internet was the Death Star, then the weak point hackers might be trying to aim at would be the International Corporation for Assigned Names and Numbers, or ICANN (though I’d like to think the non-profit organization that administers and coordinates all the world’s Internet domain names wouldn’t be on the dark side [althouuugh the company logo does kind of look like a Death Star…]). As it turns out, ICANN says it was hacked — though there will be no space explosions because of it.

ICANN said in a web post this week that its internal systems were breached starting in November as the result of a “spear phishing” attack where hackers send emails that look like company emails, giving them access to those systems after users are tricked into handing over their credentials.

Ironically enough for the organization that doles out IP addresses and domain names for the entire planet, the emails reportedly came from ICANN’s own domain, reports The Verge.

The damage appears to include access internal emails, a Wiki page that only had public information, a tool that’s used to look up if a domain name is registered called WHOIS and ICANN’s Centralized Zone Data System. Within that, user information including real names, addresses, emails, telephones, usernames and encrypted passwords were accessed, ICANN says.

It’s since deactivated all CZDS passwords as a precaution, it said in the post:

We have deactivated all CZDS passwords as a precaution. Users may request a new password at czds.icann.org. We suggest that CZDS users take appropriate steps to protect any other online accounts for which they might have used the same username and/or password. ICANN is providing notices to the CZDS users whose personal information may have been compromised.

But the part of the organization that keeps the Internet running smoothly, the Internet Assigned Numbers Authority or IANA, and other systems weren’t hit, ICANN says:

“Based on our investigation to date, we are not aware of any other systems that have been compromised, and we have confirmed that this attack does not impact any IANA-related systems.”

The United States is in charge of running ICANN, making this episode yet another hacking incident among a plethora of hacking incidents in just the last year to bedevil the government.

Global internet authority ICANN has been hacked [The Verge]