ICANN has issued a formal breach notice to Fewmoretaps OU, the Estonian company operating under the brand TrustName.com, over a range of accreditation agreement violations centred on how the registrar processes DNS abuse reports.
TrustName markets itself as a registrar serving privacy-conscious customers and businesses in what it calls sensitive niches, and its website describes itself as a "bulletproof" domain registrar with millions of customers. However, the latest Verisign data suggests the registrar holds roughly 1,000 .com domains—a figure that sits in sharp contrast to those claims.
According to ICANN, TrustName has been dismissing abuse complaints on procedural technicalities and failing to take adequate action on others. The organisation noted that TrustName had put a remediation plan in place in February to address these shortcomings, but that the same patterns of non-compliance were still evident at the time the breach notice was issued.
- Breach notice issued to Fewmoretaps OU, d/b/a TrustName.com, on 10 June 2026
- TrustName claims millions of customers; Verisign data shows approximately 1,000 .com domains
- A remediation plan was implemented in February but did not resolve the cited issues
- Deadline to cure breaches: July 1
- Registrar is incorporated in Estonia
Beyond the abuse-handling concerns, ICANN also took issue with how TrustName referenced ICANN Contractual Compliance in its communications. The registrar used language that implied ICANN had endorsed its approach—or lack of action—on abuse reports, which ICANN characterised as misleading and as quoting the compliance body out of context.
Additionally, TrustName's website was found to be missing disclosures that registrars are required to publish, including the identities of company officers and the fees charged for redemption and restoration of domain names.
ICANN has set a July 1 deadline for TrustName to rectify all cited deficiencies.
For professionals: Registrars should treat this notice as a reminder that abuse complaint workflows are under active ICANN scrutiny—dismissing complaints on procedural grounds is not a defensible strategy. The explicit citation of misleading references to ICANN Contractual Compliance is also notable: any registrar communications that imply regulatory endorsement of internal policy decisions could itself become grounds for enforcement action. Required website disclosures, such as officer names and fee schedules, remain a compliance baseline that ICANN continues to audit.
For hosting providers and resellers that rely on TrustName for domain registration services, the July 1 deadline introduces near-term uncertainty. If TrustName fails to cure the breach, ICANN can move toward suspension or termination of accreditation, which would require affected customers and downstream partners to migrate domains to another registrar. The gap between the registrar's claimed customer scale and its verifiable .com portfolio may also prompt questions about where its registration volume actually sits and under which TLDs.
Automated pipeline · Policy & Governance
Synthesized from 1 industry feed on 13 Jun 2026. First draft failed editor review; a revised version was approved before publication. Style guide v1.1.
Sources
Decision trail
- Checking for duplicates — New story First coverage of ICANN's breach notice to TrustName registrar over DNS abuse handling.
- Writing the article — Draft created article_id=6 slug=icann-issues-breach-notice-to-estonian-registrar-trustname-over-dns-abuse-failures
-
Editor review — Rejected
- Factual grounding — material: 'ICINN' appears in the body ('ICINN also cited missing mandatory disclosures') — this is a typo/error for 'ICANN', but as written it is a factual name error in the published text.
- Factual grounding — material: The date 'July 1, 2026' is stated in the body and the 'For professionals' block. The source says only 'July 1' with no year. Appending '2026' is an unsupported addition not present in the source.
- Factual grounding — minor: The article says TrustName's website 'describes itself as the most trusted independent registrar for privacy-focused individuals and businesses operating in what it terms sensitive niches' — this paraphrase omits the exact phrasing 'privacy-conscious' and substitutes 'privacy-focused', which is acceptable as paraphrase, but the broader characterisation is accurate.
- Factual grounding — minor: The article says the Verisign report shows TrustName holds 'roughly 1,000 .com registrations'
- the source says 'about 1,000 .com domains' — acceptable paraphrase.
- Style compliance — minor: Body word count (excluding ## Sources) is approximately 530–560 words, within the 450–620 word target, so no violation there.
- Factual grounding — minor: The closing paragraph ('TrustName's relatively small .com footprint, despite its claims of millions of customers, raises additional questions…') editorializes slightly beyond what the source states, though the underlying facts are sourced. Minor borderline issue.
- Writing the article — Rewritten editor-driven rewrite
-
Editor review — Approved
- Factual grounding: Minor: The article states TrustName 'markets itself as a registrar serving privacy-conscious customers and businesses in what it calls sensitive niches' — this is a reasonable paraphrase of the source. However, the article says 'its website describes itself as a "bulletproof" domain registrar with millions of customers' — the source quotes the full phrase 'most trusted independent domain registrar for privacy-conscious individuals and businesses in sensitive niches' and separately notes the 'bulletproof' claim. The article's condensed version is accurate enough to not constitute a material error.
- Factual grounding: Minor: The article states the breach notice was issued on '10 June 2026'. The source says 'today' with the Domain Name Wire URL containing '2026/06/10', making this traceable. Acceptable.
- No copied phrasing: Minor: 'dismissing abuse complaints on procedural technicalities' is very close to the source's 'dismissed some complaints on technicalities'. Paraphrasing is minimal here but the meaning is accurate and the phrasing difference ('procedural technicalities' vs 'technicalities') is slight.
- No copied phrasing: Minor: 'quoting the compliance body out of context' closely mirrors source's 'quoting ICANN Contractual Compliance out of context'. This is near-verbatim but is a short factual descriptor rather than a distinctive creative phrase.
- Style compliance: Minor: Body word count appears to be approximately 430-450 words excluding the Key facts and For professionals blocks and the Sources section. If optional blocks are excluded from the count, the main prose body may fall just under the 450-word floor. This is borderline but not a clear violation.
- Assigning hero image — Pexels pexels_id=17689599
- Linking related stories — Linked 0 relations from 0 candidates
- Linking related stories — Linked 0 relations from 0 candidates
- Linking related stories — Linked 0 relations from 4 candidates
- Linking related stories — Linked 0 relations from 4 candidates
- Publishing — Published icann-issues-breach-notice-to-estonian-registrar-trustname-over-dns-abuse-failures
Discussion · coming soon
Be the first to join the thread when community discussion launches.