The Night Google.com Slipped Away for Twelve Dollars
- by Staff
At a little past midnight on September 29, 2015 in Cambridge, Massachusetts, former Googler and Harvard Business School student Sanmay Ved was doing what countless domain hobbyists do: idly refreshing search results on a registrar’s website to see what curious addresses might be available. He happened to be using Google Domains, the company’s own retail registrar, and on a whim he typed the most obvious address in the world—google.com—fully expecting the predictable red “unavailable” label. Instead, the system flashed green. The purchase button was active. The price read 12 dollars. Skepticism gave way to curiosity, and curiosity to a click. In a few seconds he had added the domain to his cart, completed checkout with his credit card, and watched a confirmation email land in his inbox proclaiming that he was now the registrant of google.com.
For a fleeting minute or two, it was true. His Google Search Console lit up with messages about property ownership. Administrative emails that normally flow only to Mountain View began arriving, confirming that backend systems believed he was in charge. Google’s own WHOIS lookup service reflected his name in the registrant field. The goliath of the internet, with a market cap measured in hundreds of billions, had just let its crown jewel slip to an alumnus for the price of lunch. If the moment felt surreal to Ved, it was because the stakes were impossible to reconcile with the triviality of the transaction. Owning a domain isn’t merely symbolic; DNS controls dictate where user traffic goes. Had the registration lasted longer, a malicious actor could, in theory, have redirected search queries, harvested credentials, or caused colossal havoc. That none of this happened is due to two facts: Ved’s intentions were ethical, and Google acted immediately.
The backstory to how such a lapse could occur lies in the plumbing of domain names. The .com registry is operated by Verisign, which maintains the authoritative database. Retail registrars like Google Domains act as intermediaries, sending create, renew, and transfer commands through the Extensible Provisioning Protocol to the registry. Corporate giants typically set their mission‑critical domains to auto‑renew well before expiration. Google.com’s official expiration date was September 2015, and it had been renewed year after year without drama. But registries and registrars also implement grace periods and redemption windows, and timing peculiarities can arise when a renewal, a billing cycle, an automated script, and a user interface are even slightly out of sync. In this case, something in that chain blinked. For a moment the record that says “this name cannot be registered because it already is” wasn’t properly enforced at the registrar front end, and a standard availability check returned a positive result for the most searched string on Earth.
From Ved’s perspective, ownership felt instantly real. Google’s internal notification systems, hooked to the domain’s administrative contact, started pumping out alerts. He could see verification messages from Webmaster Tools (now Search Console). There were references to Google Fiber and AdWords accounts. Each email was a breadcrumb confirming that systems across the Google universe relied on that single domain record as the root of trust. But the window was closing fast. Within minutes, the transaction was reversed. Google Domains sent a second email stating that the order had been canceled and the amount refunded because the domain “had been registered by someone else.” It was a tacit admission that the original green light should never have appeared. Control reverted to Google’s corporate registry lock, a higher‑security state that requires multiple human approvals and out‑of‑band steps to modify. The brief ownership transfer, though ephemeral, left a log trail impossible to ignore.
When Ved blogged about the incident a few days later, the story ricocheted around tech media. The headline practically wrote itself: Google loses Google.com for 12 dollars. Beneath the clickbait was a sober reminder that even the companies that build the infrastructure of the internet can stumble on that same infrastructure. Domain management is boring until it isn’t, and auto‑renew does not absolve anyone from auditing expiration flows, registrar integrations, and registry locks. Large organizations often rely on third‑party brands to register ccTLDs and defensive names, creating an administrative sprawl that is hard to monitor. Even in this case, where the registrar and the registrant were effectively the same corporate family, a gap opened wide enough for a single user to jump through.
Google treated the mishap a bit like a vulnerability disclosure. Its security team reached out to Ved, thanked him for reporting the issue responsibly, and offered a reward under the company’s bug bounty program, even though the canonical rules didn’t explicitly list “buying our domain” as an eligible exploit. The amount they settled on was $6,006.13, a playful nod to the letters in Google’s name—6006.13 looks like “Google” upside down on a calculator. Ved promptly donated the entire sum to The Art of Living India’s education program. In a magnanimous coda, Google doubled that charitable gift to over 12,000 dollars, turning an embarrassing lapse into an opportunity for goodwill. The episode thus concluded with a corporate mea culpa, a white‑hat hacker lauded for restraint, and a charity better funded.
What makes this case linger in the lore of domain name fails is not only the improbability but the precision with which it exposes human and system factors. Consider the user interface that surfaced availability. A domain registrar’s search result must be fed by the outcome of a registry check; if that call races another process, a transient state can be misread. Consider also the emergency kill switches. Registry lock is supposed to prevent exactly this—a lock held at Verisign’s level that disallows any change absent multi‑factor, offline authorization. Was it engaged improperly? Did it drop for a millisecond? Google never published a technical post‑mortem, so observers can only infer that the failure originated on the registrar front end, not the registry core. Still, the lesson for every operations team is clear: systems fail in the seams. Monitoring must look for impossible events, not just likely ones.
There is also a sociotechnical layer to this story. Ved was a former employee who knew enough about responsible disclosure to avoid temptation. The internet’s safety frequently depends on exactly that sort of good fortune. Responsible researchers, bug bounties, and well‑publicized channels for reporting issues are not indulgences; they are risk mitigations. In the domain world, ICANN’s policies outline grace periods and redemption cycles, but ethical norms are what dissuade opportunists from exploiting errors the moment they see them. Had a less scrupulous individual been up late in Cambridge that night, the aftermath might have involved lawsuits, emergency DNS propagation changes, and perhaps a very different history of user trust.
The tale also punctures a comforting myth for smaller organizations: that only the big guys can afford airtight domain hygiene. Google’s stumble demonstrates that every owner must put redundancy and verification over assumptions. Simple practices—calendar reminders long before expiry, registry lock where available, separation of registrar accounts, multiple human approvers, regular WHOIS audits—are boring until they prevent catastrophe. Conversely, delegating everything to auto‑renew without auditing the pipeline is an invitation for edge‑case failure. When a domain underpins single sign‑on, API endpoints, MX records, and TLS certificate issuance, the blast radius of a lapse is exponential.
In retrospect, the most unforgettable image from the incident is the screenshot Ved captured: a Google Domains page stating “You successfully purchased google.com.” It is absurd, almost satirical, like a bank congratulating a customer on acquiring the Federal Reserve. Yet that absurdity is instructive. Digital ownership is a contract encoded in databases and protocols; it has none of the physical safeguards of a factory or a vault. The only thing that prevents a namespace from collapsing into chaos is the reliability of those databases and the diligence of the humans tending them. One mistyped date, one misordered EPP command, one UI race condition—these become the cracks through which even giants can fall.
By daylight on September 29 the crisis had passed, refunds were processed, and the internet never noticed a blip. Google search kept answering billions of queries. Gmail continued to route. But beneath the seamless surface lay a cautionary footnote that engineers quietly circulated: log everything, lock everything, and never assume the obvious is impossible. If google.com can be bought for twelve dollars, any domain can. The difference between a funny anecdote and a front‑page outage is often just who clicks first and what they choose to do next. In that slim interval of time, Google was lucky that the buyer wanted nothing more than a good story and a chance to give to charity. The rest of us got a parable about the fragility of the systems we take for granted, and a reminder that even titans must mind the renew button.