ICANN‘s logs indicate that the data that was accessed in this incident included usernames, email addresses, and hashed passwords. While no actual unencrypted passwords were taken, it is possible for a malicious person with enough computing power to reverse a hashed password, particularly a simple or common one. ICANN has uncovered no evidence that any RADAR accounts were accessed using compromised credentials. All RADAR login credentials have been reset and registrar end-users have been notified.
We apologize for the inconvenience this situation may cause. ICANN is committed to ongoing improvements in security procedures and systems. Registrars requiring additional information should contact firstname.lastname@example.org.
This ICANN announcement was sourced from: