Bottle Domains security incident

Posted by Jo Lim on 10 February 2009

auDA has been notified by the Australian Federal Police that there has been a security incident which may have affected customers of accredited registrar Bottle Domains.

auDA is working with Bottle Domains to manage any security risks arising from the incident, and has today sent email notification to customers of Bottle Domains (copy below).

Whilst the AFP investigation is ongoing, it is inappropriate for auDA to make any further comment. However, auDA will take further action as necessary when the investigation is completed.


Dear .au Registrant

.au Domain Administration Ltd (auDA) is the Government-endorsed industry regulatory authority for the .au domain space.

The registrar of record for your domain name is Bottle Domains.

You may already have received an email from Bottle Domains informing you that they have recently been the target of a security breach

As a result of the breach, it is possible that your account information has been accessed by third parties.

Accordingly, auDA has instructed Bottle Domains to:

  • update your account password;
  • update your domain name password at the registry; and
  • conduct a full and independent security audit of its operating systems.

You will receive your new password details in a separate email from Bottle Domains.

The security breach is also being investigated by the Australian Federal Police, and auDA will take further action as necessary when the investigation is completed.

During this time, we recommend that you remain vigilant and carefully monitor your domains, your account and your credit card transactions. If you have any questions or concerns about the security of your account, please contact Bottle Domains at or 1300 88 74 74.