Hackers break into ICANN

The Internet Corporation for Assigned Names and Numbers (ICANN) is a non-profit organization that manages the top-level domain name system. Unknown hackers were able to compromise vital systems of ICANN sometime in November this year. The break-in was discovered only recently.The attackers managed to gain access to the Centralized Zone Data System, the system that allows people to manage Zone Files. The zone files hold valuable information about domain names — the name server and the IP addresses associated with them.The attackers also gained access to the ICANN blog and its WHOIS portal, but no damage has been detected yet.

Investigators believe that the intrusion started with a 'spear phishing' attacks targeting ICANN staff. Email accounts of quite a few staff members are believed to be compromised.

In an official statement , ICANN said, "The attacker obtained administrative access to all files in the CZDS. This included copies of the zone files in the system, as well as information entered by users such as name, postal address, email address, fax and telephone numbers, username, and password. Although the passwords were stored as salted cryptographic hashes, we have deactivated all CZDS passwords as a precaution. Users may request a new password at czds.icann.org. We suggest that CZDS users take appropriate steps to protect any other online accounts for which they might have used the same username and/or password. ICANN is providing notices to the CZDS users whose personal information may have been compromised"

Although the passwords were stored as salted cryptographic hashes, we have deactivated all CZDS passwords as a precaution... We suggest that CZDS users take appropriate steps to protect any other online accounts for which they might have used the same username and/or password.

ICANN officials are notifying any users whose zone data might have been compromised.