Note: Original articles said GlobalSign was compromised and the attacker had the ability to forge SSL certificates. Many of those articles were never updated with details as they became available. Espiner of ZDNet wrote a good piece covering all of the details.

GlobalSign finds no sign of fake certificates after hack

September 12, 2011

Tom Espiner, ZDNet UK

GlobalSign, one of the major digital certificate authorities, has found that one of its web servers has been hacked, but has said that there is no evidence of a further security breach. However, it will issue no new certificates until Tuesday at the earliest.

Japanese-owned GlobalSign discovered the breach of the server hosting its website during an investigation prompted by claims by the 'Comodohacker' to have hacked its systems. The hack was part of a campaign to compromise certificate authorities (CAs), including Dutch company DigiNotar, which provides certification services to the Dutch government.

"Today we found evidence of a breach to the web server hosting the www website," the company said in a statement on Friday. "The breached web server has always been isolated from all other infrastructure and is used only to serve the website. At present there is no further evidence of breach other than the isolated www web server [sic]."


main page ATTRITION feedback