Verisign Admits Company Was Hacked In 2010, Not Sure What Was Stolen

← Back to Stories (view on slashdot.org)

Verisign Admits Company Was Hacked In 2010, Not Sure What Was Stolen

Posted by timothy on Thursday February 2, 2012 @04:39AM from the losing-the-moral-high-ground dept.

mask.of.sanity writes "Verisign admitted it was hacked repeatedly last year and cannot pin down what data was stolen. It says it doesn't believe the Domain Name System servers were hacked but it cannot rule it out. Symantec, which bought its certificate business in 2010, says also that there was no evidence that system was affected. Verisign further admitted in an SEC filing that its security team failed to tell management about the attacks until 2011, despite moving to address the hacks."

7 of 85 comments (clear)

Min score:

Reason:

Sort:

weird by Trepidity · 2012-02-02 04:43 · Score: 4, Insightful

Leaving aside probable bad judgment on the security team's part in not informing management, doesn't a company like Verisign have standardized/mandatory issue tracking policies in place so it wouldn't even be a question of judgment on a team's part to inform management? Management should have a system in place to make sure they know what's going on security-wise in a business whose entire selling point is security.

--
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
1. Re:weird by sycodon · 2012-02-02 04:49 · Score: 4, Funny
  
  "Verisign further admitted in an SEC filing that its security team informed management about the attacks immediately while at the same time moving to address the hacks, but that management ignored it because they didn't understand the implications until the lawyers took away their drinks and shrimp cocktails and made them understand"
  
  --
  When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
What was stolen? by Kickasso · 2012-02-02 04:44 · Score: 5, Funny

The letter "i", apparently.
1. Re:What was stolen? by Sockatume · 2012-02-02 04:52 · Score: 4, Funny
  
  And twelve months, if we're to believe it was 2010 last year.
  
  --
  No kidding!!! What do you say at this point?
Re:Who is "Versign"? by K.+S.+Kyosuke · 2012-02-02 04:51 · Score: 4, Funny

Like the subject says: Who is "Versign"? /first post please?!?!?!
It's the company formerly known as Verisign that has been hacked and had some characters stolen by hackers, including an 'i' in its name.

--
Ezekiel 23:20
Re:2010 or last year? by ackthpt · 2012-02-02 04:53 · Score: 4, Informative

If it takes this long to get the article on slashdot, can't you at least edit it so it's correct?
It was last year, last year, but this year it's last year's last year.
Hope that's clear enough now.

--

A feeling of having made the same mistake before: Deja Foobar
Re:Who is "Versign"? by Hawke · 2012-02-02 04:57 · Score: 4, Informative

Verisign runs the top-level domain DNS servers for com, net, edu, cc, name, and a few other smaller ones. If you lookup gmail (ignoring caching), you have to ask Verisign-owned servers where the google DNS servers are, so you can ask those servers what the gmail IP address is. For the security of the internet: it's pretty important.
Until late 2010, Verisign also ran the dominant SSL business. That red circle with the black digitized check at the bottom of your bank's web page? Yeah, that. The SSL business was sold to Symantec, are are trying to slowly rebrand. For the security of the internet, SSL is also kinda important.