Created
December 17, 2014 06:06
-
-
Save coderbyheart/a3b09c0697dcb09581f3 to your computer and use it in GitHub Desktop.
CZDS Security Disclosure (2014-12-17)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ACTION REQUIRED: CZDS Security Disclosure | |
ICANN is investigating a recent intrusion into our systems. We believe a | |
âspear phishingâ attack was initiated in late November 2014. It involved email | |
messages that were crafted to appear to come from our own domain being sent to | |
members of our staff. The attack resulted in the compromise of the email | |
credentials of several ICANN staff members. | |
In early December 2014 we discovered that the compromised credentials were | |
used to access certain ICANN systems including the Centralized Zone Data | |
Service (CZDS). | |
You are receiving this notice because the attacker obtained administrative | |
access to all files in the CZDS including copies of the zone files in the | |
system. The information you provided as a CZDS user might have been downloaded | |
by the attacker. This may have included your name, postal address, email | |
address, fax and telephone numbers, and your username and password. Although | |
the passwords were stored as salted cryptographic hashes, we have deactivated | |
your CZDS password (and API key if applicable) as a precaution. Additional | |
information about the attack is included in an announcement that is posted at | |
https://www.icann.org/news. | |
In order to continue using CZDS, please visit http://czds.icann.org and follow | |
the instructions there to request a new password. We suggest that you take | |
appropriate steps to protect any other online accounts for which you might | |
have used the same username and/or password. | |
This notice was not delayed as a result of a law enforcement investigation. | |
Earlier this year, ICANN began a program of security enhancements in order to | |
strengthen information security for all ICANN systems. We believe these | |
enhancements helped limit the unauthorized access obtained in the attack. | |
Since discovering the attack, we have implemented additional security | |
measures. | |
We are providing information about this incident publicly, not just because of | |
our commitment to openness and transparency, but also because sharing of | |
cybersecurity information helps all involved to assess threats to their | |
systems. | |
If you would like further assistance or information, you may contact us by | |
email to customerservice@icann.org or by telephone at +1-424-277-3192 or U.S. | |
toll-free at +1-800-401-1703. | |
Thank you for your attention to this. We sincerely regret any inconvenience or | |
concern this incident may cause you. | |
ICANN Registry Services |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment