Nominet, the prominent U.K. domain registry responsible for managing .co.uk domains, has confirmed a significant cybersecurity incident linked to a recently disclosed vulnerability in Ivanti’s VPN software. In a communication sent to its customers, Nominet described the situation as an “ongoing security incident” that is currently under investigation.
The breach reportedly occurred after hackers exploited a zero-day vulnerability in Ivanti’s Connect Secure VPN, a tool widely used by enterprises for secure remote access. This vulnerability allowed attackers to infiltrate Nominet’s systems before the company had the opportunity to implement necessary security patches. Ivanti acknowledged last week that its Connect Secure appliance is being targeted by hackers, but has not disclosed the number of affected customers. However, cybersecurity experts from watchTowr Labs have indicated that there have been “widespread” compromises across various organizations using the software.
As the first organization to publicly acknowledge being impacted by this specific Ivanti vulnerability, Nominet has taken immediate action by restricting access to the compromised VPN software while it conducts its investigation. Importantly, the company stated that it currently has “no evidence of data breach or leakage,” providing some reassurance to its users during this troubling time.
This incident underscores the increasing risks associated with third-party software vulnerabilities, particularly in a landscape where remote work and digital connectivity are more critical than ever. As organizations continue to rely on VPNs for secure access, the need for robust security measures and timely updates becomes paramount to safeguard sensitive information from malicious actors.
Nominet’s proactive response highlights the importance of vigilance in cybersecurity practices, especially when dealing with third-party applications. As investigations continue, stakeholders will be closely monitoring developments and any potential ramifications stemming from this incident.