Guidance

What to do if your domain name is compromised

Check who to contact if you think your domain is compromised.

Domain names are regularly attacked and sometimes compromised within the domain name system (DNS). You must work with your IT team or supplier to keep your domain name secure and take action if attackers have compromised your domain name.

Contact your .gov.uk Approved Registrar or DNS supplier immediately if any services like your website or email go offline or look like they may have been compromised by a malicious attacker

If your supplier confirms that your domain has been compromised you must immediately:

Threats can escalate quickly and cause irreparable damage. If the Domains Team finds a severe vulnerability we may make emergency changes to your domain to protect any impacted public sector services.

Updates to this page

Published 19 December 2019
Last updated 30 June 2022 show all updates
  1. Restructured to confirm you should contact your supplier in the first instances and then take additional steps if necessary

  2. The Domain Management team has now moved to the Central Digital and Data Office. This update removes any references to the Government Digital Service (GDS).

  3. First published.

Sign up for emails or print this page