Nominet, the UK domain registry that manages the .co.uk domain, has confirmed that it has experienced a cybersecurity incident that is related to the recent exploitation of a new Ivanti VPN vulnerability.
In an email to customers seen by TechCrunch, Nominet warned of an “ongoing security incident” that it was investigating.
Nominet said the hackers accessed its systems through “third-party VPN software provided by Ivanti,” adding that the intrusion “exploited a zero-day vulnerability,” leaving Nominet with no time to patch it. .
Ivanti acknowledged last week that hackers were exploiting vulnerabilities in Connect Secure, the company's widely used enterprise VPN appliance, to infiltrate customer networks. Ivanti did not say how many customers were affected, but cybersecurity firm watchTowr Labs told TechCrunch it has seen a “widespread” breach.
Nominet was the first organization to publicly acknowledge being affected by the Ivanti bug, but said there was “no evidence of a data breach or leak” at this time. The company added that it is restricting access to its VPN software while it investigates the incident.