It appears that it is not only Sony suffering from repeated breaches. As we reported at the time, Comodo was breached a while back, and suffered from having SSL certificates issued for some well known domains, including Google and Skype. Unfortunately, they’ve been hit again, as reported by Help Net Security, with some core database data leaked.
This time hackers exploited a flaw in the company’s Brazil website, which allowed them to get hold of a database containing information about certificate authorities and customer details about their SSL Certificate customers. The certificate authority data, in particular, reveals information such as the customer’s name, email, fax, phone number, order details and private key file name, amongst other things.
The hackers have “published” a partial dump of that data over at pastebin.com, which also contained a number of Comodo staff login details.
If you are a customer of Comodo Brazil, you should contact the company to find out if you need to take any action at this point.
We think you'd also like: