The Internet Corporation for Assigned Names and Numbers (ICANN) has issued a warning to those who registered with its public website that their profile accounts were accessed by an “unauthorized person”. ICANN states that the usernames, email addresses, and encrypted passwords for people’s profile accounts have been compromised in the last week. Profile accounts on the ICANN website can contain “user preferences for the website, public bios, interests, newsletter subscriptions, etc”.
In a statement published on its website, ICANN states that “there is no evidence that any profile accounts were accessed or that any internal ICANN systems were accessed without authorization” and that “no operational information, financial data or IANA systems were involved.”
While details of how the accounts were accessed were not outlined in the statement, the organisation did say “the encrypted passwords appear to have been obtained as a result of unauthorized access to an external service provider”.
While the passwords were hashed and “not easy to reverse”, ICANN is taking the precautionary step of resetting users’ passwords and requiring them to change their password on their next visit to the site.
ICANN goes on to advise users: “if you have used the same password on other websites or services, you should change it immediately on those other websites or services. As a general matter, you should avoid reusing passwords across multiple sites.”
This is the most recent security breach at ICANN, following on from a breach in February of this year which enabled applicants for some of the new top-level domains to see the details of other registered applicants.
In December of 2014, ICANN reported that some of its staff were the victims of a spear phishing attack resulting in their email credentials being compromised.
This story, "ICANN website security breached", was originally published by CSO.