GlobalSign claims breach did not compromise SSL certificates

SSL certificate authority GlobalSign has admitted that its web site's SSL certificate and key were compromised during a September security breach, but claimed that no customer data was exposed and no rogue certificates were issued.

The Belgian security firm was forced to stop issuing certificates from 6 to 15 September after suspecting that it may have fallen victim to the 'Comodo hacker' who compromised certificate authorities including DigiNotar and Comodo.

GlobalSign said in a statement on its web site that a web server hosting globalsign.com was breached on 9 September but that it was "peripheral" to the certificate issuance infrastructure.

"The www.globalsign.com domain is used only for the externally facing North American web sites and runs no web applications capable of requesting or issuing certificates nor does it hold any customer data," the firm said.

"The breached web server was immediately locked down and subsequently rebuilt with a new disk and hardened system image."

The security of the web has been called into question in recent months after a string of certificate authorities were breached.

SSL certificates were originally designed to validate the authenticity of web sites, but if cyber criminals manage to breach the defences of certificate authorities and issue fake SSL certs, they can effectively create web pages masquerading as real ones.

GlobalSign will be pleased it escaped the fate of DigiNotar, the Dutch certificate authority which was declared bankrupt after a breach of its systems led to the issuing of fake certificates.