What to do if your domain name is compromised
Check who to contact if you think your domain is compromised.
Domain names are regularly attacked and sometimes compromised within the domain name system (DNS). You must work with your IT team or supplier to keep your domain name secure and take action if attackers have compromised your domain name.
Contact your .gov.uk Approved Registrar or DNS supplier immediately if any services like your website or email go offline or look like they may have been compromised by a malicious attacker
If your supplier confirms that your domain has been compromised you must immediately:
-
report the incident to the National Cyber Security Centre and follow any advice.
-
email support@domains.gov.uk if you are a UK public sector organisation
-
notify any other regulatory bodies for example the Information Commissioner’s Office, when necessary.
Threats can escalate quickly and cause irreparable damage. If the Domains Team finds a severe vulnerability we may make emergency changes to your domain to protect any impacted public sector services.
Updates to this page
-
Restructured to confirm you should contact your supplier in the first instances and then take additional steps if necessary
-
The Domain Management team has now moved to the Central Digital and Data Office. This update removes any references to the Government Digital Service (GDS).
-
First published.