ICANN hit by spear phishing attack, employee credentials compromised

Oops! ICANN employees fall for spear phishing attack, with some employee credentials hit.

@MHatamoto

Published Thu, Dec 18 2014 1:26 AM CST | Updated Sat, Aug 8 2020 10:29 AM CDT

ICANN employees have fallen victim to a suspected spear phishing cyberattack that began in late November 2014, the group confirmed in a blog post. The social engineering attack mimicked emails that closely resembled communications from its own domain and targeted ICANN employees. Unfortunately, the attack was successful and several ICANN staff members had their credentials compromised.

ICANN hit by spear phishing attack, employee credentials compromised | TweakTown.com

The compromised credentials were used to access ICANN's Centralized Zone Data System, providing criminals with access to names, postal addresses, email addresses, fax and phone numbers, usernames and passwords. The breach also hits the ICANN GAC Wiki, with only public information accessible to the cybercriminals.

Earlier in the year, ICANN boosted its cybersecurity, which the group said likely helped keep unauthorized access to a minimum from this attack.

NEWS SOURCES:csoonline.com, cdn2.pcpro.co.uk

Michael Hatamoto

An experienced tech journalist and marketing specialist, Michael joins TweakTown looking to cover everything from consumer electronics to enterprise cloud technology. A former Staff Writer at DailyTech, Michael is now the West Coast News Editor and will contribute news stories on a daily basis. In addition to contributing here, Michael also runs his own tech blog, AlamedaTech.com, while he looks to remain busy in the tech world.