StartSSL Suspends Services After Security Breach

An anonymous reader writes "StartSSL has suspended issuance of digital certificates and related services following a security breach on 15 June. A trademark of Eddy Nigg's StartCom, the StartSSL certificate authority is well known for offering free domain validated SSL certificates, but also sells organisation and extended validation certificates."

Existing certificate holders not affected.

[neiras]

Before the FUD starts flying, here's the message on the StartSSL page.

Due to an attack on our systems and a security breach that occurred at the 15th of June, issuance of digital certificates and related services have been temporarily suspended as a defensive measure. Our services will be gradually reinstated as the situation allows.

Subscribers and holders of valid certificates are not affected in any form.

Visitors to web sites and other parties relying on valid certificates are not affected.

We apologize for the temporary inconvenience and thank you for your understanding.

I've used their services for years now. Never had a problem, though their web application is truly awful - I've always wondered how fragile it might be. Hope they can pick themselves up and get back to business.