Break-ins at domain registrar VeriSign in 2010
Reuters reports that VeriSign notified the US Securities and Exchange Commission (SEC) of several intrusions into its IT systems in 2010. However, VeriSign's report states that the company's executives "do not believe these attacks breached the servers that support our Domain Name System network."
VeriSign is the registrar for Top Level Domains such as .com and .net, and operates a significant number of the global DNS root servers. The company sold its SSL certificate division to Symantec in 2010. However, Symantec sees no threat either: "There is no indication that the 2010 corporate network security breach mentioned by VeriSign Inc was related to the acquired SSL product production systems", said company spokeswoman Nicole Kenyon.
Corporations who are publicly traded on the stock markets in the US must submit quarterly "SEC filings" to the US Securities and Exchange Commission; in these filings, they list any incidents that may have a negative impact on the corporation's share prices – including security incidents. VeriSign's October 2011 report, states that the company "experienced security breaches in the corporate network in 2010 which were not sufficiently reported to Management". VeriSign reported that it faced several successful attacks in which access was gained to information on a small portion of its computers and servers. The report does not specify what kind of information was accessible or give any details of the attack type, scope or time.