coderbyheart/2014-12-17-CZDS-Security-Disclosure.txt

## 2014-12-17-CZDS-Security-Disclosure.txt
ACTION REQUIRED: CZDS Security Disclosure

ICANN is investigating a recent intrusion into our systems. We believe a
âspear phishingâ attack was initiated in late November 2014. It involved email
messages that were crafted to appear to come from our own domain being sent to
members of our staff. The attack resulted in the compromise of the email
credentials of several ICANN staff members.

In early December 2014 we discovered that the compromised credentials were
used to access certain ICANN systems including the Centralized Zone Data
Service (CZDS).

You are receiving this notice because the attacker obtained administrative
access to all files in the CZDS including copies of the zone files in the
system. The information you provided as a CZDS user might have been downloaded
by the attacker. This may have included your name, postal address, email
address, fax and telephone numbers, and your username and password. Although
the passwords were stored as salted cryptographic hashes, we have deactivated
your CZDS password (and API key if applicable) as a precaution. Additional
information about the attack is included in an announcement that is posted at
https://www.icann.org/news.

In order to continue using CZDS, please visit http://czds.icann.org and follow
the instructions there to request a new password. We suggest that you take
appropriate steps to protect any other online accounts for which you might
have used the same username and/or password.

This notice was not delayed as a result of a law enforcement investigation.
Earlier this year, ICANN began a program of security enhancements in order to
strengthen information security for all ICANN systems. We believe these
enhancements helped limit the unauthorized access obtained in the attack.
Since discovering the attack, we have implemented additional security
measures.

We are providing information about this incident publicly, not just because of
our commitment to openness and transparency, but also because sharing of
cybersecurity information helps all involved to assess threats to their
systems.

If you would like further assistance or information, you may contact us by
email to customerservice@icann.org or by telephone at +1-424-277-3192 or U.S.
toll-free at +1-800-401-1703.

Thank you for your attention to this. We sincerely regret any inconvenience or
concern this incident may cause you.


ICANN Registry Services
	ACTION REQUIRED: CZDS Security Disclosure

	ICANN is investigating a recent intrusion into our systems. We believe a
	âspear phishingâ attack was initiated in late November 2014. It involved email
	messages that were crafted to appear to come from our own domain being sent to
	members of our staff. The attack resulted in the compromise of the email
	credentials of several ICANN staff members.

	In early December 2014 we discovered that the compromised credentials were
	used to access certain ICANN systems including the Centralized Zone Data
	Service (CZDS).

	You are receiving this notice because the attacker obtained administrative
	access to all files in the CZDS including copies of the zone files in the
	system. The information you provided as a CZDS user might have been downloaded
	by the attacker. This may have included your name, postal address, email
	address, fax and telephone numbers, and your username and password. Although
	the passwords were stored as salted cryptographic hashes, we have deactivated
	your CZDS password (and API key if applicable) as a precaution. Additional
	information about the attack is included in an announcement that is posted at
	https://www.icann.org/news.

	In order to continue using CZDS, please visit http://czds.icann.org and follow
	the instructions there to request a new password. We suggest that you take
	appropriate steps to protect any other online accounts for which you might
	have used the same username and/or password.

	This notice was not delayed as a result of a law enforcement investigation.
	Earlier this year, ICANN began a program of security enhancements in order to
	strengthen information security for all ICANN systems. We believe these
	enhancements helped limit the unauthorized access obtained in the attack.
	Since discovering the attack, we have implemented additional security
	measures.

	We are providing information about this incident publicly, not just because of
	our commitment to openness and transparency, but also because sharing of
	cybersecurity information helps all involved to assess threats to their
	systems.

	If you would like further assistance or information, you may contact us by
	email to customerservice@icann.org or by telephone at +1-424-277-3192 or U.S.
	toll-free at +1-800-401-1703.

	Thank you for your attention to this. We sincerely regret any inconvenience or
	concern this incident may cause you.


	ICANN Registry Services