ICANN entered its research into a data exhibit issue in the new gTLD Applicant and GDD portals for the first time on 1 March 2015. The information contained by these postals is from new gTLD Program applicants and new gTLD registry operators.
An examination upheld by two IT consulting firms, according to an update from 30 April 2015, was released by ICANN in March 2015 to assess and analyze all log data from the activation of the portals. The type of the disclosures were concluded in the findings presented in the 27 May 2015 update. Since the previous update, ICANN kept examining this subject and discovered that, besides the previous disclosures, were used to access contact information 2 consumer credentials from eight registry operators. That contact information for registry operators appeared to have been entered negligently according to the information stated in the investigation. In addition, ICANN confirmed that the uncovered registry contact information does not look to have sensitive personally recognizable information. All the damaged parties has been informed of the data exposure.
The examination is now finished. After a careful examination of each step in the data exposures process, namely the way it appeared, ICANN declared that the exposure problems resulted from multiple errors (misconfigurations) in the portals. To avoid these kind of disclosures in the future, there were presented these misconfigurations . Furthermore, ICANN has announced that no other ICANN systems were disordered. ICANN continues to deliver periodically security-based updates as part of a wider, long-term effort to strengthen all of ICANN’s digital services.