From Cisco Talos:
In mid-2013, a problem occurred that slowly began unmasking the hidden registration information for owners’ domains that [our emphasis] had opted into WHOIS privacy protection [and paid an additional fee for the service]. These domains all appear to be registered via Google App, using eNom as a registrar. At the time of writing this blog, there are 305,925 domains registered via Google’s partnership with eNom. 282,867 domains, or roughly 94% appear have been affected. (Google reports that new domains which have not faced a renewal period are not affected and many businesses do not opt into their privacy service.) The information disclosed included full names, addresses, phone numbers, and email addresses for each domain. The information was leaked in the form of WHOIS records.
[Clip]
Cisco Talos became aware of this problem and immediately notified the Google security team. Within days the privacy settings were restored to the affected domains.
[Our emphasis] However, the Internet never forgets. Affected users need to realize that this information has been publicized. These records will continue to be available to anyone with access to a cached database of WHOIS information.
Read the Complete Blog Post for More Details
Coverage
About Gary Price
