ICANN Says No gTLD Data Was Compromised

Internet management body ICANN has said no applicant information was compromised in the glitch which led to the new top-level domain application system being taken offline, but has as yet given no date when it will be reinstated.

The registration system, with which organisations can apply for £185,000 top level “dot-brand” domains such as .google or .disney, was withdrawn from use on the closing date for applications last Thursday  after the system showed unusual behaviour and a possible data breach.  The system is still offline while ICANN thoroughly checks what data has been exposed, according to a video interview with ICANN’s chief security officer Jeff Moss, posted on ICANN’s site.

No monkey business

According to Moss, there was no indication of any attack, but the system was taken down in case there was a larger underlying problem. The breach has turned out to be minor, but the stakes are high, so ICANN is making absolutely sure it is fixed before the system goes live again.

A problem with the system’s file deletion function meant that some users saw a minor class of data – another user’s file names. The leak was random and did not allow file access to any other user’s data, said Moss.

“Under certain circumstances, users that had previously deleted a file, could end up seeing the filneame of another user who had uploaded a file,” he explained, “Certain data was being revealed to users who were not seeknig that data. It would just show up on their screen.”

All they saw were file names, and they were not able to access those files. In fact that problem was first seen on 19 March, but ICANN thought that random data was being shown.

When ICANN is sure who saw what information, every user will be contacted, said Moss. “We want to prevent any monkey business,” he said.

Later tonight, ICANN will make a further announcement.

Do you understand the Internet as well as ICANN does?   Try our quiz