ICANN is the latest organisation to be hacked, claims critical data was protected

Internet Corporation for Assigned Names and Numbers or ICANN, the global authority on providing unique web addresses across the world, was breached by hackers. According to the blog post by ICANN, hackers used ‘spear fishing’ to break into its systems in late November. Email messages were sent to ICANN staff members which appeared to be coming from ICANN’s own domain. As a result several ICANN employees’ emails were compromised. According to the post, the hackers accessed internal emails, gained administrative privileges to the Centralised Zone Data Service which was used to gather information such as names, postal addresses, emails and phone numbers. ICANN says the passwords were encrypted, but it has deactivated them as a precautionary measure. A members-only ICANN GAC wiki page was also accessed. Hackers also accessed the ICANN Blog and ICANN WHOIS, an information portal. However, ICANN says that these two sites did not face much impact. “Based on our investigation to date, we are not aware of any other systems that have been compromised, and we have confirmed that this attack does not impact any IANA-related systems,” says the post. IANA refers to Internet Assigned Numbers Authority, which is an important section of ICANN responsible for coordinating some of the key elements that keep the internet running smoothly. ICANN has stated that it has already put into force a slew of security measures to limit unauthorised access. Since the attack, there have been more additions to these security parameters. “We are providing information about this incident publicly, not just because of our commitment to openness and transparency, but also because sharing of cybersecurity information helps all involved assess threats to their systems,” said ICANN in the blog post.