You may have noticed that the CENTR website was down between Friday 1st November and Wednesday 6 November.
CENTR stands for the Council of European National Top-Level Domain Registries.
What Happened
We discovered on Friday 1st November that a third party had managed to access the www.centr.org website and obtain a user list which they shared on Twitter on 25 October. This list included names, email addresses and hashed passwords. Fortunately, according to the web server error log files, this is the only data that was compromised.
What we have done
We disabled the website as soon as we discovered the incident, notified our members immediately, and started investigating exactly how the hackers entered the system. Once the access breach was fixed and we were certain the website was safe, we overwrote the existing passwords with dummy data and implemented a stricter password policy before putting the website online again.
Finally, we informed everyone with a user account that their passwords had been overwritten and asked them to reset their passwords. Furthermore, the Data Protection Authority has been notified of this data breach.
Next steps
The gravity of this situation cannot be overlooked, so we will continue to work closely with our web developers, hosting provider and security experts from our membership to help understand exactly how this happened and how to prevent it from happening again.
We ask that anyone who has a user account on the CENTR website be mindful of proper password security, and that they follow the recommendations included in the email sent out last Wednesday.
For more information please contact the CENTR Secretariat by email, secretariat@centr.org.