GlobalSign web certificate authority back online after breach by hacker


GlobalSign web certificate authority back online after breach by hacker

Warwick Ashford

Belgian web certificate authority (CA) GlobalSign is back online after investigating claims by the hacker who breached the Dutch DigiNotar CA that its systems had also been breached.

The attack on DigiNotar resulted in fraudulent web authentication certificates being issue for hundreds of websites, including

As soon as the DigiNotar hacker made the claim about GlobalSign, the CA suspended certificate issue on 6 September.

Three days later, GlobalSign, the fifth largest digital certificate issuer, confirmed that it had found evidence of a breach to the web server hosting its website, but said the server was isolated from all other infrastructure and there was no evidence of any further breach.

The CA said it would begin work on returning services to normal, but would continue to monitor all activity on all services as a precaution.

The company is still investigating whether bogus certificates were created in its name, according to the BBC.

The breach at DigiNotar raised concerns about the CA system, as digital certificates are used to verify the identity of a person or device, authenticate a service or encrypt files.

Consequently, a fraudulent certificate may be used to spoof web content, perform phishing attacks or perform man-in-the-middle attacks.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy