EURid has conducted extensive in-depth investigations into the issue reported on our public website yesterday; stating that for a limited time it was technically possible for registrars to extract lists of .eu domain names that had been registered by parties other than via themselves.

It turns out that this inadvertent side effect of the normal service provided to registrars was not misused, as has been suggested by some commentators, to gather lists of all .eu names. In fact less 39 names were queried in this way, of which 33 were previously registered or available, and the six remaining ones have been released in the meantime.

So, although the existence of this possibility was not intentional, it has not been exploited by the registrar community.

To further confirm that this is the case the log files will also be inspected by an external auditor.