WHOIS privacy unmasked at 282,867 eNom domains in Google Apps snafu

Long before becoming a registrar, Google partnered with eNom to roll out domain registration services via its Google Apps.

While thousands of registrants opted for WHOIS privacy, some glitch in the Google Apps software instructed eNom to reveal the registrants’ information at the time of the domains’ renewal.

The glitch slowly but surely affected a total of 282,867 domain names registered via Google Apps at eNom, out of 305,925 registered domains.

By losing the WHOIS privacy feature, these domain owners had their personal contact information exposed to cybercriminals and spammers, according to the Talos security group.

The issue was disclosed to the Google Apps team on February 19th, 2015, and the issue was resolved by eNom on Febuary 25th; the incident was confirmed as isolated to eNom only, and Google notified its customers in an email yesterday:

“Dear Google Apps Administrator,

We are writing to notify you of a software defect in Google Apps’ domain registration system that affected your account. We are sorry that this defect occurred. We want to inform you of the incident and the remedial actions we have taken to resolve it.

When the unlisted registration option was selected, your domain registration information was not included in the WHOIS directory for the first year. However, due to a software defect in the Google Apps domain renewal system, eNom’s unlisted registration service was not extended when your domain registration was renewed. As a result, upon renewal and from then on forward, your registration information was listed publicly in the WHOIS directory.”

For the full story on this incident, click here.

Copyright © 2024 DomainGang.com · All Rights Reserved.