A scary report confirmed today that over 200 SSL certificates for websites were stolen by hackers who broke into a Dutch company’s servers. The certificates include those for top websites such as Mozilla, Yahoo and the Tor Project.
The company that housed these certificates, DigiNotar, has acknowledged the intrusion and says that about 200 different certificates were generated by the hackers who accessed its systems. Today's report follows on from an earlier attack in July, when it was reported that several dozen certificates were compromised. Among those taken were mozilla.com, yahoo.com and torproject.org.
Mozilla has already confirmed that its certificates for addons.mozilla.org were compromised and has revoked them until it can get new ones.
For a rough estimate of how many certificates were taken: Chromium updated its system yesterday and, according to its bug tracker, 247 certificates were added to the project blacklist.
Since the attacks, the company claims that it has revoked all affected certificates, but it forgot that other methods could be used to impersonate Google services. What has people more up in arms is that the company has not made any public statement to its users about this breach.
On top of that, DigiNotar wasn’t aware of the attack for nine days after the hackers stole the information. Then it took the company even longer to revoke the certificates, so who knows how long the hackers could have used those certificates for their nasty deeds.
The status of the certificates is currently unknown and the company has yet to make a statement. By now all of the affected certificates have been removed from the websites they were installed on. DigiNotar still has some explaining to do and cleanup to deal with.