ICANN forced to shut down its Adobe Connect Conferencing facility after a discovery of possible data leakage.
ICANN first reported in the CEO’s a blog that
Yesterday we were notified by a member of the Security and Stability Advisory Committee of what appears to be a potentially serious security issue affecting our use of Adobe Connect.
In order to protect the members of the multistakeholder community, and out of an abundance of caution, we have suspended our Adobe Connect services. This means that Adobe Connect services will not be available for the rest of ICANN61.
In a statement ICANN said
The issue is one that could possibly lead to the disclosure of the information shared in an ICANN Adobe Connect room. We are still investigating the root cause of the issue. We have formulated different scenarios based on authentication, encryption, and software versions, which we are testing in a controlled fashion in attempt to replicate and understand the root cause of the issue.
Adobe connect is used by ICANN to beam its conferences and is actively used to listen in or follow all activities in real time through out most sessions. Shutting down the the remote access system therefore means that as many as half of the remote participants will not be able to actively engage in the meetings other than live streaming the events or follow through the live scribing service.
The case is reminiscent of the 2012 TLD application system (TAS) glitch where “A technical issue in the system allowed a limited number of users to view a limited number of other users’ file names and user names in certain scenarios.”.
In 2015, ICANN temporarily took its New gTLD Applicant & GDD portals offline amid security leak scare.