HITBSecConf2017 Amsterdam (April 10th - 14th)
Register Online Now!
DigiNotar certificate authority goes bankrupt
The theft of SSL certificates from Dutch certificate authority DigiNotar so undermined trust in the company that it has gone bankrupt.
Responsible for taking down the company is a single attacker, believed to be in Iran, who stole more than 500 certificates used to authenticate sites that make secure connections via SSL. DigiNotar was the primary certificate authority used by the Dutch government. DigiNotar filed for bankruptcy yesterday and a Dutch court approved the filing today. Trustees were appointed to liquidate its assets, according to a statement by DigiNotar's parent company, Vasco.
The industry has been running from DigiNotar since the breach was made public Aug. 29, more than two months after the company discovered an attack. Microsoft has blacklisted all DigiNotar digital certificates, deeming them untrusted. Google and Mozilla had already blacklisted the company's certificates, and the TOR project has recommended rejecting all DigiNotar certificates.