GlobalSign® Press Release

Comodo Security Compromised - GlobalSign Official Statement

GlobalSign's Official Statement regarding the recent breach of Comodo's SSL Security

Australia - March 28 2011 - On March 23 2011, the Certification Authority Comodo announced it had mis-issued 9 SSL Certificates to high profile websites including:

•    login.live.com

•    mail.google.com

•    www.google.com

•    login.yahoo.com (3 certificates)

•    login.skype.com

•    addons.mozilla.org

The Certificates were issued through one of its unnamed Registration Authority (RA) Partners who had been given transferrable trust rights to issue publicly trusted SSL Certificates.

The fraudulent Certificates have since been revoked, however due to the high profile nature of the mis-issued Certificates, Microsoft, Google and Mozilla have issued browser updates to hardcode the revocation status of the Certificates into the browsers. We advise all GlobalSign customers to update their browsers immediately.

This is a very serious compromise of unprecedented scale. As further details unfold, our security group will publish a full statement. However we wish to strongly iterate that this is a completely standalone attack on the Comodo systems. GlobalSign wishes to confirm to all customers, partners and the industry as a whole that GlobalSign is not affected by the Comodo compromise.

For more information about GlobalSign and its range of Digital Certificate Solutions, please visit www.globalsign.com.au/ssl

About GMO GlobalSign
Established in 1996 and as a WebTrust accredited public certificate authority, GlobalSign offers publicly trusted SSL Certificates, EV SSL, Managed SSL Services, S/MIME email security and Code Signing for use on all platforms including mobile devices. Its Trusted Root solution uses the widely embedded GlobalSign Root CA certificates to provide immediate PKI trust for Microsoft Certificate Services and internal PKI, eliminating the costs of using untrusted Root Certificates. Its partnership with Adobe to provide Certified Document Services (CDS) enables secure digitally signed PDF documents, certified transcripts and e-invoices.  These core Digital Certificate solutions allow its thousands of authenticated customers to conduct secure online transactions, data transfer, distribution of tamper-proof code, and protection of online identities for secure email and access control.  The company has a history of innovation within the online security industry and has offices in the US, UK, Belgium, Japan, China and Singapore.

GMO Internet Group
GMO Internet Group is one of the most comprehensive providers of industry-leading Internet services worldwide. As well as domain registration, web hosting, ecommerce, and payment processing businesses that each hold the top share in their respective markets in Japan, services operated by the group include Internet advertising, search engine marketing and research. Global online security brand GlobalSign and major Japanese online securities brokerage, GMO CLICK Securities are also group members. In 2011 a new Social Media & Smartphone Platform segment was established bringing together group initiatives in social apps development, flash marketing and Android apps distribution. GMO Internet, Inc. (TSE: 9449) is headquartered in Tokyo, Japan. Please visit www.gmo.jp/en for more information.

For further details please contact:

GlobalSign Australia
Tel: +61 3-9988-3988
pr-apac@globalsign.com