(The Hosting News) – Various SSL certificates now appear to be on the loose following a breach of a site belonging to Dutch certificate authority DigiNotar. Despite the attack occurring in July, worries are starting to increase following a report that hackers may have accessed more SSL certificates than previously suspected.
In fact, Computerworld recently reported that the number may be more than 200 according to Hans Van de Looy of Dutch security company Madison Gurka. So far, the SSL certificates are thought to pertain to Google, Mozilla,Yahoo and WordPress.
While DigiNotar has worked to revoke the SSL certificates, worries linger.
Meanwhile, Google has taken a step to protect against any possible problems. Just recently, it was reported that Google (through Chrome) chose to blacklist certificates pertaining to the breach.
Mozilla has also made a move by patching and updating its Firefox web browser. Commenting on the Mozilla Security blog, the company stated, “Mozilla was informed today about the issuance of at least one fraudulent SSL certificate for public websites belonging to Google, Inc.”
“This is not a Firefox-specific issue, and the certificate has now been revoked by its issuer, DigiNotar. This should protect most users,” the release went on to say.
So what’s the impact? According to Mozilla, “Users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for the legitimate sites. This could deceive them into revealing personal information such as usernames and passwords.” SSL certificates are digitally encrypted files used to transfer web data.