ICANN, the non-profit organization that oversees Internet domain name assignments, is warning its users that their usernames, email addresses and encrypted passwords created for use on the ICANN.org public website were hacked sometime within the last week.
The internet governance organization doesn’t believe that the encrypted password would be easy for a hacker to reverse engineer but it is warning users to change their passwords as a precaution. Also “…no operational information, financial data or IANA systems were involved,” wrote the organization in an email to its users.
The hack is an embarrassment for an organization that’s been singled out for the way it expanded top level domain names, particularly for allowing the infamous “dot-sucks” domain that’s been reviled by marketers and by Congress.
There is also push back against the planned hand over of the Internet Assigned Numbers Authority. That key domain name function has been overseen for the last 15 years by ICANN under a contract with National Telecommunications and Information Administration (NTIA), a component of the Department of Commerce.
The NTIA had been planning to surrender oversight of the domain name function to an international multi-stakeholder group by September 2015. ICANN recently admitted that the international group won’t be ready to take over stewardship of the key Internet function until mid-2016.
Many in Congress believes that ICANN currently falls short in terms of accountability. The DOTCOM act, a bill that give that Congress has 30 days to review the plan and certify that ICANN has adopted additional accountability reforms, has been passed in the House and has cleared the Senate Commerce Committee. Senator Ted Cruz (R-Texas) is holding up the DOTCOM Act over Constitutional issues.