The overseer of the Internet’s addressing system said Wednesday that someone obtained information related to user accounts for its public website, although no financial information was divulged.
ICANN, short for the Internet Corporation for Assigned Names and Numbers, said user names, email addresses, encrypted passwords and other data, such as bios, interests and newsletter subscriptions, were contained in the accounts.
Despite the breach, the accounts as well as internal ICANN systems do not appear to have been accessed, the organization said in a post on its website. Although an investigation continues, ICANN said the “encrypted passwords appear to have been obtained as a result of unauthorized access to an external service provider.” It did not name that provider. Reports CIO
The breach comes less than 12 months since its last cyberattack.
The latest database compromise comes in the wake of the proposed release of the IANA from its tenure at the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA) into the greater “multi stakeholder” global community.
ICANN said that the proposal was developed through a transparent community-led process, which was open to, and inclusive of, all interested stakeholders.
“The dedication that the internet community has exhibited to the IANA stewardship transition is nothing short of remarkable,” Alissa Cooper, chair of the ICG and member of the Internet Engineering Task Force (IETF) community, said.
“The public comment period presents an opportunity for the public to assess the transition proposal in its entirety and for the ICG to build a public record demonstrating how the proposal meets the expectations set out by the U.S. Government.”