Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Nominet, the UK domain registry that maintains .co.uk domains, has experienced a cyber security incident which it has confirmed is linked to the recent exploit of a new Ivanti VPN vulnerability.
In an email to customers, seen by TechCrunch, Nominet warned of an “ongoing security incident” under investigation.
Nominet said the hackers gained access to its systems via “third-party VPN software provided by Ivanti,” adding that the intrusion “exploited a zero-day vulnerability,” giving Nominet no time to apply patches.
Ivanti confirmed last week that hackers exploited a vulnerability in Connect Secure, its widely used enterprise VPN appliance, to break into customer networks. Ivanti did not say how many customers are affected, but cybersecurity firm watchTowr Labs told TechCrunch that it has seen “widespread” compromises.
Nominet, which is the first organization to publicly confirm that it has been affected by the Ivanti bug, said it currently has “no evidence of a data breach or leak.” The company added that it has restricted access to the VPN software while it investigates the incident.
