The mystery of the LinkedIn outage has been revealed: Network Solutions, its DNS provider, has been battered by a DDoS attack and while defending itself, misconfigured the DNS records of some of its customers – including that of LinkedIn.
“We are proactively working with these customers and have resolved most issues, none of which involved malicious activity,” Network Solutions let everyone know on Thursday. “No confidential data was compromised, including passwords, credit card information, or cookies.”
The fact was confirmed esearchers at Cisco have noticed that a number of organizations registered under NS had problem with their domain names, and nearly 5000 were apparently affected.
“Interestingly, several of these domains were setup under different nameservers at ztomy.com. For example, the domain usps.com was pointed to the DNS nameservers ns1621.ztomy.com and ns2621.ztomy.com. Yelp had their nameservers changed to ns1620.ztomy.com and ns2620.ztomy.com. Fidelity, meanwhile, was pointed at ns1622.ztomy.com and ns2622.ztomy.com, pointed out Cisco researcher Jaeson Schultz.
“However, the fact that so many domains were displaced in such a highly visible way supports Network Solutions’ claim that this was indeed a configuration error.”
Users that have domains registered with NS are advised to check whether their DNS nameservers are working as the should and are pointing to the correct address.