Dutch PKI provider's web site security breach under investigation
The web site of Gemnet, subsidiary of KPN and provider of PKI certificates to the Dutch government, succumbed to a hacker's attack according to Webwereld reports. It appears that the attackers gained access to a database on the server managed by a PHPMyAdmin instance which was not protected by a password. The attacker then used this web access to get to the database without a password. The company was informed that it was leaking information on Wednesday night and has been taken off the air by parent company KPN, who then launched an investigation.
KPN said in a statement that the hacker was only able to access publicly available information. It also added that Gemnet does not issue digital certificates. Gemnet CSP, a separate company that does issue certificates for the Dutch government was also taken offline following the discovery of the attack.
Another of KPN's subsidiaries was taken offline in November when it was discovered that a server at the certificate authority, KPN Corporate Market, had been compromised for as long as four years. The Dutch government are reported to have launched their own investigation into the compromise. Earlier this year a compromise at DigiNotar, another Dutch supplier of SSL certificates which had lax security, saw the Dutch government take over the company which was eventually bankrupted.
(djwm)