On August 12, 2015, the California Office of the Attorney General reported a data breach involving the Internet Corporation for Assigned Names and Numbers (ICANN). The breach occurred on July 31, 2015, and involved the unauthorized acquisition of usernames/email addresses and encrypted passwords for ICANN.org profile accounts, with no evidence of unauthorized access to internal systems.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-57383
TPRM report: https://www.rankiteo.com/company/icann
"id": "ica512080525",
"linkid": "icann",
"type": "Breach",
"date": "7/2015",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'industry': 'Internet Governance',
'name': 'Internet Corporation for Assigned Names and '
'Numbers (ICANN)',
'type': 'Organization'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'data_encryption': 'encrypted passwords',
'personally_identifiable_information': ['usernames',
'email addresses'],
'type_of_data_compromised': ['usernames',
'email addresses',
'encrypted passwords']},
'date_detected': '2015-08-12',
'date_publicly_disclosed': '2015-08-12',
'description': 'Unauthorized acquisition of usernames/email addresses and '
'encrypted passwords for ICANN.org profile accounts.',
'impact': {'data_compromised': ['usernames',
'email addresses',
'encrypted passwords']},
'references': [{'date_accessed': '2015-08-12',
'source': 'California Office of the Attorney General'}],
'title': 'ICANN Data Breach',
'type': 'Data Breach'}