Certificate Authority GlobalSign Loses Critical Data to ComodoHacker

Over the last few months, we have seen sophisticated and well-organized attacks on various websites and web-services. While some of these attacks were aimed at proving vulnerabilities, others were carried out to raise concerns against policies and actions taken by these agencies, organizations and at times, Governments. Whatever be the case, in all these situations, always the end-user suffered the most.  The recent course that this hack and breach fest has taken, (not essentially the same hacker groups) is towards certificate authorities.
Certificate Authorities are the bodies who issue certificates to certify a website or a web-service as genuine. Whenever we visit a website with an SSL or TLS authentication, a certificate is issued which validates the site in the browser. This is used to verify the website as well as the integrity of it.

On July 10 2011, ComodoHacker attacked the Certificate Authority DigiNotar. This attack led to the creation of  fake Gmail certificates that was used for  man in the middle attacks. This time, the same hacker ComodoHacker claims to have hacked another Certificate Authority- GlobalSign. The hacker claims that he has large amounts of data from the Certificate Authority which includes emails, database backups, customer data and other sensitive information, all of which he plans to release in near future.

The Pastebin message announcing this says,

I have ALL emails, database backups, customer data which I’ll publish all via cryptome in near future), GlobalSign (I have access to their entire server, got DB backups, their linux / tar gzipped and downloaded, I even have private key of their OWN globalsign.com domain

Following this breach, GlobalSign has stopped issuing security certificates after internal investigations proved that the breach was indeed genuine.


Published by

Chinmoy Kanjilal

Chinmoy Kanjilal is a FOSS enthusiast and evangelist. He is passionate about Android. Security exploits turn him on and he loves to tinker with computer networks. You can connect with him on Twitter @ckandroid.

  • I would say at least GlobalSign is a responsible one compared to DigiNotar. They choose to lose part of their revenue instead of hiding the issue to keep their business running. I’m sure the sacrifice they made will bring trust to their customer. After Certificate Authority is all about trust, isn’t it?