End of the road for DigiNotar as bankruptcy declared

Filed Under: Featured, Law & order, Privacy, Vulnerability

DigiNotar gravestoneDigiNotar, the Dutch certificate authority which hackers compromised and used to generate hundreds of bogus web security certificates, has filed for bankruptcy.

The announcement that DigiNotar has filed for voluntary bankruptcy was made today by its US parent company VASCO Data Security International.

And, quite frankly, there aren't many who will be mourning its loss.

Vasco announcement of DigiNotar bankruptcy filing

VASCO's CEO, T. Kendall Hunt, seemed keen to disassociate the parent firm from the security problems seen at its subsidiary:

"We would like to remind our customers and investors that the incident at DigiNotar has no impact on VASCO's core authentication technology. The technological infrastructures of VASCO and DigiNotar remain completely separated, meaning that there is no risk for infection of VASCO's strong authentication business."

Cliff Bown, Vasco's chief financial officer, said the losses associated with DigiNotar "were expected to be significant."

It's unlikely that many people are going to shed many tears over the demise of DigiNotar. The firm lost all trust when when it was discovered that it had known that it had suffered a security breach weeks before coming clean about the problem.

But it does serve as a chilling reminder of just how fatal a hack can be for an organisation, especially if the way your corporation decides to respond to it is woefully insufficient.

The fraudulent certificates were issued in the name of major web properties such as Facebook, Twitter, Microsoft and Google; and even in the name of intelligence agencies such as the Mossad and the CIA).

For more background on the DigiNotar security scandal, make sure to take the time to listen to a recent Sophos podcast which discussed the issue featuring Sophos experts Chester Wisniewski and Mike Wood:

You can also download the podcast directly in MP3 format: Sophos Security Chet Chat 72 or subscribe to our podcast RSS feed.

, , , , ,

You might like

3 Responses to End of the road for DigiNotar as bankruptcy declared

  1. A Nonny Mouse · 1126 days ago

    Is bankruptcy a way to stave off possible legal action?

  2. Jay · 1126 days ago

    Now, if only CAPTCHA would go away.

    • Honestly Hypocrite · 1126 days ago

      I always thought Captcha is useless. All malwares targeting Captcha-protected systems seem to recognize the letters better than us human beings...

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.