Confidential information exposed over 300 times in ICANN security snafu

Kieren McCarthy reports:

Two months after claiming there was “no indication” that confidential information was exposed in a security cock-up, domain name overseer ICANN has admitted it happened on at least 330 occasions.

Following an audit of its main customer portal, the organization confirmed what we reported at the start of March: that misconfigured Salesforce software had given every user access to every other user’s information, including financial projections, launch plans and confidential exchanges.

Read more on The Register.

About the author: Dissent