PogoWasRight.org

Menu
  • About
  • Privacy
Menu

Iranians’ email targeted by breach involving hacked security certificates

Posted on September 6, 2011July 2, 2025 by Dissent

Up to 300,000 Iranians may have had their Google email monitored using security certificates stolen from Dutch firm DigiNotar.

The figure came from a report into the breach at DigiNotar which let attackers generate hundreds of fake certificates.

The report suggests the certificates were used in Iran to eavesdrop on email accounts.

The list has been passed to Google so it can tell victims they may have come under government scrutiny.

On 30 August, security firm Fox-IT was called in to analyse the sequence of events at DigiNotar that led to the security breach. It published its interim report late on 5 September.

Read more on BBC. Their link to the Fox-IT report was 404, but Cryptome uploaded a copy of the report on Cryptome.  The Associated Press also covers the breach.

In related news, F-Secure reports that the hack appears to be the work of an Iranian  known as”ComodoHacker.”  In a Pastebin post called “Striking Back,” ComodoHacker  provides some of his motivation for the attack:

When Dutch government, exchanged 8000 Muslim for 30 Dutch soldiers and Animal Serbian soldiers killed 8000 Muslims in same day, Dutch government have to pay for it, nothing is changed, just   16 years has been passed. Dutch government’s 13 million dollars which paid for DigiNotar will have to go DIRECTLY into trash, it’s what I can do from KMs away! It’s enough for Dutch government for now, to understand that 1 Muslim soldier worth 10000 Dutch government.

DutchNews.nl reports:

The public prosecution department has begun an investigation into events at internet security firm DigiNotar to find out if it should be held responsible for the security breakdown covering hundreds of websites, home affairs minister Piet Hein Donner told reporters on Monday evening.

No related posts.

Category: BreachesFeatured NewsNon-U.S.Surveillance

Post navigation

← Wednesday in Congress: Updating the Computer Fraud and Abuse Act
National Opt-Out Campaign Informs Parents How to Protect the Privacy of their Children’s School Records →

Now more than ever

Search

Contact Me

Email: info@pogowasright.org

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

Categories

Recent Posts

  • Navigating Privacy Gaps and New Legal Requirements for Companies Processing Genetic Data
  • Germany’s top court holds that police can only use spyware to investigate serious crimes
  • Flightradar24 receives reprimand for violating aircraft data privacy rights
  • Nebraska Attorney General Sues GM and OnStar Over Alleged Privacy Violations
  • Federal Court Allows Privacy Related Claims to Proceed in a Proposed Class Action Lawsuit Against Motorola
  • Italian Garante Adopts Statement on Health Data and AI
  • Trump administration is launching a new private health tracking system with Big Tech’s help

RSS Recent Posts on DataBreaches.net

  • Updating: Two Telegram channels and two accounts banned, one bounty offered, and BreachForums goes down
  • North Korean Kimsuky Hackers Suffer Data Breach as Insiders Leak Information Online
  • Hackers post stolen St. Paul data online as efforts to reset city employee passwords surge forward
  • Justice Department Announces Coordinated Disruption Actions Against BlackSuit (Royal) Ransomware Operations
  • NL: Hackers breach cancer screening data of almost 500,000 women
©2025 PogoWasRight.org. All rights reserved.
Menu
  • About
  • Privacy