Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent exploitation of a new Ivanti VPN vulnerability.
In an email to customers, seen by TechCrunch, Nominet warned of an “ongoing security incident” under investigation.
Nominet said hackers accessed its systems via “third-party VPN software supplied by Ivanti,” adding that the intrusion “exploited a zero-day vulnerability,” giving Nominet no time to apply patches.
Ivanti confirmed last week that hackers were exploiting a vulnerability in Connect Secure, its widely used enterprise VPN appliance, to break into customers’ networks. Ivanti hasn’t said how many customers are affected, but cybersecurity firm watchTowr Labs told TechCrunch that it has seen “widespread” compromises.
Nominet, which is the first organization to publicly confirm it has been affected by the Ivanti bug, said it currently has “no evidence of data breach or leakage.” The company added that it has restricted access to the VPN software while it investigates the incident.
