Internet.bs, which is based in the Bahamas, received quite a bit of negative press in the past from the InfoSec community. One article on Ars Technica, for example, called them out as being the registrar of record for a disproportionately high percentage of “rogue pharmacy” domains.
However they turned things around and LegitScript went so far as to compliment them on their new approach to fake pharma domains.
So what did they do, or fail to do, that led to ICANN issuing them with a breach notice?
According to the letter the company is being called up on a number of matters:
- whois inaccuracy report handling
- record keeping (in relation to domains)
- not making the records available to ICANN
- not publishing their prices for domain renewals, redemption fees and their process for sending renewal notices
The timeline that is included in the letter shows that ICANN has been trying to engage with the registrar but hasn’t had much luck.
Here’s the full letter: