Compromise of certificate issuer DigiNotar
Date of report
  • September 2011
DigiNotar was a Dutch issuer of the digital security certificates [PDF] that authenticate the identities of servers on the internet. This authentication process is essential for online transactions; the certificates allow users to trust that the website they reached is the one they intended and not a decoy that could be used for fraud. An unknown threat actor breached DigiNotar’s network in 2011 and stole authentication certificates to masquerade as other online properties. For example, the threat actors used the certificates to pose as Google and spy on approximately three hundred thousand Iranian Gmail accounts. The fallout from the cyberattack caused DigiNotar to file for bankruptcy, as it was no longer considered a reliable provider for digital security certificates.  DigiNotar was a certificate issuer for the Dutch government at the time, so the compromise jeopardized the information of Dutch citizens. The breach also revealed the previously hidden insecurities of online trust infrastructure, leading to new certificate authentication standards to better ensure the future protection of online consumers.
Suspected victims
  • DigiNotar
Suspected state sponsor
  • Unknown
Type of incident
  • Espionage
Target category
  • Government
  • Private sector
Victim government reaction
  • Unknown