The organisation in charge of coordinating and maintaining the databases of unique namespace identifiers on the internet is asking uses of its website to reset their login passwords after an apparent hack.
.jpg&h=420&w=748&c=0&s=0)
The Internet Corporation for Assigned Names and Numbers (ICANN) today revealed it believed the data breach took place last week.
It said an unknown attacker had gained access to usernames, email addresses and passwords for the icann.org public website.
The passwords are hashed, ICANN said, and not easy to reverse. Nevertheless, the internet governance organisation is asking all users of the website to reset their passwords as a precaution.
ICANN said the encrypted passwords were taken through unauthorised access to an external service provider.
It said it appeared no site user profiles had been accessed.
ICANN operational information, financial data and the Internet Assigned Numbers Authority (IANA) systems that coordinate the internet domain name system (DNS) and internet protocol (IP) addressing were not affected as part of the breach, it said.
The organisation did not say how many users were affected, nor who it suspected is behind the hack.
This is the second serious ICANN data breach to come to light in recent months.
In May this year, ICANN blamed a site misconfiguration for revealing confidential financial information of generic top-level domain (gTLD) applicants to 19 unwitting parties.