Security incident involving .au domain names

Posted by Jo Lim on 22 October 2009

On 1 October 2009, auDA was alerted by a registrar to the availability of non-financial customer information on the internet. The information was inadvertently listed on an ex-staff member’s website and included 537 domain names registered through a number of registrars.

The registrar reported that the release of the information did not appear to be malicious and they had no reason to believe that it had been used in an improper manner. The information could only be accessed by entering a lengthy URL or a very specific Google search string.

As soon as the availability of this information came to the attention of the registrar, they notified auDA and requested auDA’s assistance in protecting the associated domain names.

As a precautionary measure, auDA immediately placed “server locks” on the 537 names. The ex-staff member's web host took down the information and it is no longer available on the internet. In addition, a request was submitted to Google to remove the information and references from Google’s indexes and cache.

auDA contacted all affected registrars, who took remedial action to further protect their customers’ domain names.

Given the registrar’s open and cooperative engagement with auDA on this issue, their reassessment of procedures to prevent a reoccurrence, the provision of a report on the security incident and their request for auDA’s feedback on their handling of the matter, auDA will take no further action in relation to the incident.