ICANN’s Registrar Extranet Taken Offline Due to Security Issues

ICANN  announced late last night that they had taken RADAR, which is essentially an extranet for registrars, offline due to security issues.

Here’s the official announcement:

ICANN has taken its registrar contact information database (RADAR) offline temporarily. This action was taken as a precautionary measure after it was learned that an unauthorized party viewed data in the system. ICANN has found no evidence of any unauthorized changes to the data in the system. Although the vulnerability has been corrected, RADAR will remain offline until a thorough review of the system is completed.

ICANN’s logs indicate that the data that was accessed in this incident included usernames, email addresses, and hashed passwords. While no actual unencrypted passwords were taken, it is possible for a malicious person with enough computing power to reverse a hashed password, particularly a simple or common one. ICANN has uncovered no evidence that any RADAR accounts were accessed using compromised credentials. All RADAR login credentials have been reset and registrar end-users have been notified.

We apologize for the inconvenience this situation may cause. ICANN is committed to ongoing improvements in security procedures and systems. Registrars requiring additional information should contact registrar@icann.org.

RADAR contains the contact details of all ICANN accredited registrars, including emergency contact numbers of key personnel and more.

The site is currently displaying a very simple “maintenance” message:

This isn’t the first time that ICANN has had technical or security issues. Both the online application system for new TLDs and other related systems have had problems over the last couple of years which have led to either data being leaked to the public or to people who should not have had access to specific data.