Recent reports suggested that the temporary outage of Guaranty Trust Bank‘s (GTBank) website was caused by a cybersecurity breach. However, new information indicates that the issue was more likely due to a delay in renewing the bank’s domain name, rather than a hack.
The website was offline from Tuesday night until early Thursday morning as the bank’s IT teams scrambled to resolve the problem. Four individuals familiar with the situation revealed to TechCabal that the outage was linked to issues with the Domain Name System (DNS) configuration. A Chief Technology Officer (CTO) at one of Nigeria’s major fintech companies, speaking anonymously, suggested that GTBank’s failure to renew its domain name may have been the root cause of the disruption.
“There were issues with their domain name registration, and they had to make some changes or move it to a different domain name service,” the CTO explained.
The delay in renewing the domain name might have opened the door for unknown parties to attempt to purchase the domain, hoping that GTBank would pay a premium to reclaim it. However, experts believe that if GTBank had already patented its website name, it could report the issue to the domain host and retrieve the site after following the necessary procedures—a process that could take time.
Domain name renewal lapses are not uncommon. Even tech giants like Google and Microsoft have faced similar issues in the past. In 2015, Google failed to renew “google.com,” which was briefly purchased by a former employee. Microsoft also experienced a similar lapse with the hotmail.co.uk domain in 2003.
One developer speculated that the delay in GTBank’s domain renewal might have been caused by internal issues, such as the custodian of the email tied to the domain leaving the bank without properly handing over responsibilities. Additionally, the bureaucratic process of vendor payment might have further delayed the renewal.
GTBank Website Has Been Hacked: What We Know Now
As of the time of publication, some GTBank customers were able to access the website, while others continued to experience difficulties. These issues could be related to DNS propagation, which can cause delays in the changes to domain records taking effect across all servers.
Another factor could be the security feature known as HTTP Strict Transport Security (HSTS), which forces browsers to connect to the website only over a secure, encrypted connection—a standard practice among banks to protect customer information.
GTBank has yet to release an official statement regarding the incident. However, the outage serves as a reminder of the importance of timely domain name renewals and the potential complications that can arise from lapses in this critical area.