DigiNotar hacker claims stealing data from authentication sites
08 Sep 2011
An internet user from the DigiNotar hack site says he stole email, customer data and other sensitive information from two competing web authentication authority sites, which he plans to release publicly, soon.
In a statement posted today that expands on previous claims, an individual calling himself Comodohacker said he breached the security of Israel-based certificate authority StartCom and its US-headquartered competitor GlobalSign.
''I have ALL emails, database backups, customer data'' for StartCom. He also wrote he had access to ''the entire server,'' database backups and system configuration of GlobalSign.
Comodohacker's claims come closely on the heels of his offering the first conclusive proof he had insider knowledge of the security breach of Netherlands-based DigiNotar that led to over 500 counterfeit certificates for Google.com and dozens of other websites.
Comodohacker, claims to be a 21-year-old Iranian who is sympathetic to his country's government. He posted a file that was signed with the private key of the fraudulent Google certificate, which proved he had close links with the people who perpetrated the hack.
Comodohacker had earlier confirmed he was involved in an attack on a reseller of the Comodo certificate authority that also forged counterfeit credentials for sensitive websites.