DigiNotar Hack: 300k Iranian Emails May have been Compromised

A new report has shed light in to the rather shocking ‘fact’ how some 300,000 unique IP addresses from Iran tried to access Google.com and how they may have been monitored after hackers stolen digital certificate from DigiNotar, the agency in charge of issuing digital certificates in the Netherlands.

The revelation came from an report (which can be found here [PDF]) published by the security firm Fox-IT on Monday. And, according to the report, the stolen certificate, which was issued by DigiNotar on July 10th was finally withdrawn on Aug 29, i.e. last week.

The report by Fox-IT also claimed that of all the addresses that tried to access Google using the rogue certificate, over 99 percent of those originated from Iran alone.

The list containing the IP addresses will soon be handed over to the Mountain View based search engine so that it can inform all the affected parties whose email accounts might have been compromised during this period.

Fox-IT also claimed in its report that DigiNotar was not taking adequate measures in order to ensure a full-proof security to its network architecture, and thus eventually leading to this massive security breach.

"The login cookie stays valid for a longer period," the Fox-IT report pointed out.

The list of IP addresses will be handed over to Google who can inform users that their e-mail might have been intercepted during this period, Fox-IT said.