Register.com has apologised to Chinese portal company Baidu for allowing its domain, baidu.com, to be hijacked by the Iranian Cyber Army hacker group.
The two companies have announced that the lawsuit, which alleged gross negligence among other things, has now been settled. Terms were not disclosed.
If Baidu’s complaint was to be believed, the hackers took over baidu.com with a trivial social engineering attack that relied upon a Register.com tech support employee being asleep at the wheel.
The company is one of China’s largest internet firms, employing over 6,000 people and turning over well over $600 million a year. But for the period of the hijack, visitors to baidu.com instead just saw the hackers’ defacement message instead.
The registrar had argued in court that its terms and conditions released it from liability, but the judge didn’t buy it.
Register.com, which was acquired by Web.com for $135 million in June, said yesterday:
After an internal investigation, we found that the breach occurred because Register’s security protocols had been compromised. We have worked with United States law enforcement officials and Baidu to address the issue. We sincerely apologize to Baidu for the disruption that occurred to its services as a result of this incident.
Baidu said it accepted the apology. And the check, I imagine.