280,000 Google Apps Domains Hit by eNOM Info Leak
Domain owner names, addresses and phone numbers that were supposed to be kept private with Whois privacy protection were not.Cisco's Talos research group reported March 12 that up to 282,867 Google Apps domains registered by eNom are at risk from a potential information leak. The information leakage is that domain owner names, addresses and phone numbers that were supposed to be protected with Whois privacy protection were not, in fact, protected. The way the Internet works, every domain name needs to have contact information associated with it, and all that information is generally available over a public Whois server lookup. There are many public Whois server lookup services on the Internet today, for example https://www.whois.net. Over the years, some domain owners have been concerned that putting their contact information in a publicly accessible location represents a potential privacy risk. That concern has led to the use of Whois privacy services, which mask the domain owner information, substituting information from the Whois privacy service. In the Google Apps case, Cisco's researchers found that 282,867 domains that were registered via eNom that were supposed to have Whois privacy enabled did not have their information protected. "A security researcher recently reported a defect via our Vulnerability Rewards Program affecting Google Apps' integration with the eNOM domain registration API," a Google spokesperson told eWEEK. "We identified the root cause, made the appropriate fixes and communicated this with affected Apps customers."
Google Apps uses multiple domain registration partners, including GoDaddy. The Whois Privacy issue, however, only impacted Google Apps customers with domains at eNom. Not all Google Apps domains registered via eNom are at risk. Only those customers that were renewing a domain were impacted by this issue, and Google Apps customers who registered their domain in the last year through eNom were not affected.