GlobalSign Releases Report Into 'ComodoHacker' Security Breach

Certificate authority GlobalSign has issued a report into an attack on its systems by the self-styled 'ComodoHacker,' which resulted in suspension of service but which - it claims - has not put its customers at risk.

According to GlobalSign's report, a "peripheral web server, not part of the Certificate issuance infrastructure, hosting a public facing web property was breached" in an attack which could have exposed "publicly available HTML pages, publicly available PDFs, the SSL Certificate and key issued to"

While embarrassing, the company claims that it has found no evidence that any customer data was exposed in the attack, and that no rogue certificates were issued - a major difference between its breach and the one that resulted in Dutch certificate authority DigiNotar being forced into bankruptcy earlier this year.

The company has admitted that the self-styled 'ComodoHacker' responsible for the DigiNotar breach was also behind the attack on its own infrastructure.

"As one of the longest operating Certification Authorities, the worldwide GlobalSign team is aware of the impact to customers and partners of halting Certificate issuance for any period of time," the company's executive team explained in a statement on the attack. "The executive team apologizes sincerely for the inconvenience caused when undertaking such an important decision. However, the organization stands by the decision and maintains that the ultimate duty of care for GlobalSign, like all responsible CAs, is to avoid issuance of rogue Certificates.

"We are truly thankful for the positive reaction to our chosen response to the incident, including the press covering this and other incidents, our peers, and ultimately from our valued customers and partners.

"GlobalSign has learned much from this incident. More than ever, we appreciate that the threat has evolved, and we are committed to ensuring no such outages occur again from future claims or attacks."

A full report into the attack, which occurred back in September, can be found on the GlobalSign website.