Global internet authority ICANN has been hacked and organization confirmed that its DNS zone database was compromised.
Unknown attackers used a spearphishing campaign to compromise to email accounts of several ICANN staff members. Hackers then used those credential to compromise the systems used by the company. Centralized Zone Data System (CZDS), Wiki pages of the of the Governmental Advisory Committee (GAC), the domain registration Whois portal, and ICANN blog were also compromised in the attack. The attack was initiated in November 2014.
CZDS is the service which is used by domain registries and other parties to access the DNS root ZONE files and sensitive data associated with user accounts. Hackers have accessed the zone files and user data including name, phone numbers, address, fax, username and password. Since the passwords were salted cryptographic hashes, they are useless for hackers. But ICANN is urging users to change the password of their account. Organization will also provide a notice to users whose personal details have been compromised.
Company sent an email to CZDS users confirming that hackers have obtained the administrative access to all files in CZDS. And company also informed that data was accessed.
ICANN explains that they are not aware if there is any other system compromised in the attack. But they are investigating on the issue.
Source: ICANN
