Vasco Data Security has announced that its Dutch arm, DigiNotar, was hacked in July, which resulted in fake SSL certificates, including those for Google.com, to become available to anyone.
The company said that it discovered the attack on July 19 and proceeded to deactivate the SSL certificates for multiple websites. However, the Dutch government informed Google that it failed to deactivate all the certificates.
The news comes after security experts discovered fake SSL certificates for Google.com and websites related to it in the wild. SSL certificates ensure that the communication and data exchange taking place between a user and a website is secure.
Fake SSL certificates are used by hackers to convince users that the website is legitimate in order to steal user personal and financial information.
“At that time, an external security audit concluded that all fraudulently issued certificates were revoked. Recently, it was discovered that at least one fraudulent certificate had not been revoked at the time. After being notified by Dutch government organisation Govcert, DigiNotar took immediate action and revoked the fraudulent certificate,” Vasco said in a statement.