
StartSSL Suspends Services After Security Breach 54

An anonymous reader writes "StartSSL has suspended issuance of digital certificates and related services following a security breach on 15 June. A trademark of Eddy Nigg's StartCom, the StartSSL certificate authority is well known for offering free domain validated SSL certificates, but also sells organisation and extended validation certificates."

  • by Anonymous Coward on Thursday June 23, 2011 @02:35PM (#36544968)

    Register story from a couple of days ago the only site so far with any real info. StartSSL is still down and no info has been provided on when they will start back up. Their OpenID service is not functioning either.

    http://www.theregister.co.uk/2011/06/21/startssl_security_breach/

  • by neiras ( 723124 ) on Thursday June 23, 2011 @02:41PM (#36545060)

    Before the FUD starts flying, here's the message on the StartSSL page [startssl.com].

    Due to an attack on our systems and a security breach that occurred at the 15th of June, issuance of digital certificates and related services have been temporarily suspended as a defensive measure. Our services will be gradually reinstated as the situation allows.

    Subscribers and holders of valid certificates are not affected in any form.

    Visitors to web sites and other parties relying on valid certificates are not affected.

    We apologize for the temporary inconvenience and thank you for your understanding.

    I've used their services for years now. Never had a problem, though their web application is truly awful - I've always wondered how fragile it might be. Hope they can pick themselves up and get back to business.

  • by rennerik ( 1256370 ) on Thursday June 23, 2011 @03:07PM (#36545464)

    I submitted a story about this about a week ago: http://slashdot.org/submission/1653760/Free-Certificate-Authority-StartCom-Taken-Offline [slashdot.org] and speculated on whether or not this was due to a security breach.

    I am a bit disappointed in StartCom, considering they probably knew about this for a while and failed to tell anyone the moment it became apparent.

    I am fearful about what, if any, customer data was compromised. When you submit info for validation, you have to submit scans of your ID -- a driver's license, passport, etc. -- as well as other personal information. If the crackers got a hold of that info, there could be a bastion of fraud being perpetrated without anyone realizing it until it is too late.

    Many bank accounts these days can be opened over the Internet simply with a scan of a photo ID and filling out a form. One can apply for loans using the same information without ever setting foot inside a bank. This is a bigger threat, IMO, than fraudulent certs being issued; this can be revoked and patched in a matter of days. Identity theft is never so easy to fix.
