VeriSign has acknowledged that they have been “repeatedly” by hacked by people that stole undisclosed information. The unconfirmed breaches happened in 2010. VeriSign believed that the hackers breached the servers responsible for supporting the company’s DNS network.
“Given the nature of such attacks, we cannot assure that our remedial actions will be sufficient to thwart future attacks or prevent the future loss of information,” stated VeriSign in a recent report filed with the S.E.C. “In addition, although the Company is unaware of any situation in which possibly exfiltrated information has been used, we are unable to assure that such information was not or could not be used in the future.”
VeriSign processes up to 50 billion queries on a daily basis. Stolen data may allow hackers to direct Internet surfers to spoofed websites and potentially intercept email from federal employees.
“This breach, along with the RSA breach, puts the authentication mechanisms that are currently being used by businesses at risk… There [really] appears to be a structured process of hunting those who provide authentication services,” stated former US intelligence official Melissa Hathaway.