ICANN to notify domain applicants of data breaches

Georgina Prodhan of Reuters reports:

Organizations taking part in the most ambitious expansion of the Internet so far will find out next week whether their applications for new domain names could have been viewed by competitors as a result of a software bug.

[…]

Beckstrom said he was confident the glitch in the system had been caused by a software bug rather than an attack.

“We have absolutely no reason to believe it’s a hack. We have been able to find some of the instructions in the software that caused the issue,” he said.

Beckstrom added that ICANN had captured every keystroke made by applicants since the window opened in January, and was currently combing through the more than 500 gigabytes of data to determine what may have been visible to whom.

The organization plans to notify applicants by May 8 if details of their applications could have been viewed by others, but will not tell them who could have seen those details. Those who may have viewed such information will also be notified.

Read more on WTAQ,

So they notify… but how does that actually mitigate any harm?

About the author: Dissent