A stolen domain name can reveal sensitive business information to the thief.
Lots of three letter domain names have been stolen over the past few years. A stolen domain lawsuit (pdf) filed in U.S. District Court in Virginia on Tuesday should provide warnings to all companies that use a domain name, as well as domain name investors.
GMF, Inc. alleges that the domain name GMF.com was stolen from its 123CheapDomains.com account. We’ve seen this sort of thing many times, but there are special warnings in this case.
The suit states that for many years, GMF Inc. held a Top Secret Facility Clearance providing hardware and technical services under contract to the U.S. Air Force, U.S. Navy, and other elements of the U.S. Department of Defense. It seems to have moved into military education since then.
And yes, it used the GMF.com domain name to send email. You can bet that some of that email had sensitive information in it given what GMF does. According to the suit, “thousands of emails were sent and/or received through gmf.com prior to the theft of the domain name by Defendant John Doe and Defendant John Doe’s disabling of GMF, Inc.’s email server settings.
The website at GMF.com was no technical marvel, but a thief can intercept important emails when he steals a domain name.
(I want to be clear that the suit doesn’t state that sensitive emails have been incercepted since the alleged theft. But, should such emails have been sent to GMF, they could have been intercepted by a thief.)
There’s also a warning for domain investors here. The alleged thief subsequently sold the domain name. The current owner, FinLead, is not alleged to have stolen the domain name. It might end up being victim, too.
This is one reason I believe that domains that have changed hands multiple times are worth less.
Here’s how the theft went down, according to GMF:
On March 5, 2016, GMF, Inc. received an e-mail from 123CheapDomains.com indicating that “a request has been received to have the password for gmf.com reset.” GMF, Inc. had not requested to have the password reset and immediately advised 123CheapDomains.com that no such request had been made and requested that 123CheapDomains.com prevent any password changes not directly authorized.
Later that day, Jonathan Lee, Tech Manager for 123CheapDomains.com, responded that merely requesting a password reset “wouldn’t work, and is pointless” and indicated that he was “enabling ‘locking’ on your domain as an extra security measure.”
Nevertheless, on April 18, 2016, GMF, Inc. was unable to access or use the gmf.com e-mail server maintained with FASTWEBHOST.
Upon discovering that it could not access or use the gmf.com e-mail server, GMF, Inc. immediately contacted FASTWEBHOST. A customer service representative for FASTWEBHOST informed GMF, Inc. that the server setting maintained by 123CheapDomains.com had been changed from their proper settings for GMF, Inc.’s account with FASTWEBHOST.
GMF, Inc. then discovered that it was unable to gain access to its domain name management account with 123CheapDomains.com.
A search of GMF, Inc.’s administrative e-mail account reveals that GMF, Inc. never received a notification that the gmf.com domain name was being transferred. Such a domain name transfer notification email is required by the Internet Corporation for Assigned Names and Numbers (ICANN).
On information and belief, John Doe obtained unauthorized access to GMF, Inc.’s domain registrar account and manipulated the computer records to obtain the transfer of the gmf.com domain name through an “account transfer” within Tucows or other surreptitious manner intended to avoid detection by GMF, Inc.
On information and belief, John Doe prevented GMF, Inc. from receiving electronic communications seeking approval for the transfer of the gmf.com domain name and obtained unauthorized access to such electronic communications so as to approve the transfer.
John Doe transferred the gmf.com domain name from Tucows to Dynadot, LLC, a common destination registrar for stolen domain names.
David Weslow of Wiley Rein is representing the plaintiff.