Problem With Google Apps’ Domain Name Registration System Causes Private WHOIS Data to Leak For Nearly 283,000 Domains
From Cisco Talos:
In mid-2013, a problem occurred that slowly began unmasking the hidden registration information for owners’ domains that [our emphasis] had opted into WHOIS privacy protection [and paid an additional fee for the service]. These domains all appear to be registered via Google App, using eNom as a registrar. At the time of writing this blog, there are 305,925 domains registered via Google’s partnership with eNom. 282,867 domains, or roughly 94% appear have been affected. (Google reports that new domains which have not faced a renewal period are not affected and many businesses do not opt into their privacy service.) The information disclosed included full names, addresses, phone numbers, and email addresses for each domain. The information was leaked in the form of WHOIS records.
[Clip]
Cisco Talos became aware of this problem and immediately notified the Google security team. Within days the privacy settings were restored to the affected domains.
[Our emphasis] However, the Internet never forgets. Affected users need to realize that this information has been publicized. These records will continue to be available to anyone with access to a cached database of WHOIS information.
Read the Complete Blog Post for More Details
Coverage
Filed under: Data Files, News, Patrons and Users, Reports
About Gary Price
Gary Price (gprice@gmail.com) is a librarian, writer, consultant, and frequent conference speaker based in the Washington D.C. metro area. He earned his MLIS degree from Wayne State University in Detroit. Price has won several awards including the SLA Innovations in Technology Award and Alumnus of the Year from the Wayne St. University Library and Information Science Program. From 2006-2009 he was Director of Online Information Services at Ask.com.