EC-Council Statement to Recent Security Breach

RE: February 22nd, 2014 Security Breach on EC-Council

On February 22nd, 2014 at approximately 8PM EST, the domain was redirected to an ISP in Finland. Immediately EC Council’s Internal Security Response team initiated a comprehensive investigation.

EC-Council’s Security Team has confirmed no access to any EC-Council Servers was obtained, the domain redirection was done at the DNS Registrar and traffic was re-routed from Authentic EC-Council Servers to a Host in Finland known for hosting other illegal websites. EC-Council immediately began exercises in security precaution to fortify against any further attempts. EC-Council immediately opened cases with the United States FBI as well as international Law Enforcement to apprehend this individual and launched a full analysis of third party vendors where the security breach was allowed.

The affected records reside with a Third-Party, ICANN certified DNS Registrar and though EC-Council has terminated service there and moved, DNS propagation will take some time. During the DNS propagation period, will be unavailable to the public. While EC-Council Servers remained untouched and running, the third-party DNS registrar remained affected through the day on Sunday February 23rd and into the morning Monday February 24th. EC-Council in Cooperation with domestic and foreign Law Enforcement as well as Judicial Systems will continue to investigate the incident.

EC-Council will release additional information through its official Facebook page as well as LinkedIn as details come available.

Original statement located on their FaceBook Page –

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.