UK giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks

Nominet, the UK domain registry that maintains .co.uk domains, has been involved in a cybersecurity incident confirmed to be linked to the recent exploit of New security vulnerability in Ivanti VPN.

In an email to customers, seen by TechCrunch, Nominet warned of an “ongoing security incident” under investigation.

Nominet said the hackers accessed its systems via “third-party VPN software provided by Ivanti,” adding that the hack “exploited a zero-day vulnerability,” giving Nominet no time to apply patches.

Ivanti confirmed last week that hackers were exploiting a vulnerability in Connect Secure, a widely used enterprise VPN device, to break into customers’ networks. Ivanti did not say how many customers were affected, but cybersecurity firm watchTowr Labs told TechCrunch that it has seen “extensive” settlements.

Nominet, the first organization to publicly confirm that it was affected by the Ivanti vulnerability, said it “currently has no evidence of a data breach or leak.” The company added that it has restricted access to the VPN software while investigating the incident.