VeriSign admits it was hacked repeatedly in 2010, staff didn’t tell senior management

Reuters has today revealed that internet giant VeriSign was hacked repeatedly during 2010.

VeriSign believes that the attacks did not breach the servers that support the firm’s Domain Name System (DNS) network, but has not ruled anything out.

Let us hope that VeriSign is right, as if the DNS network were breached it would potentially be bad news for many of the world’s websites – allowing cybercriminals to redirect users attempting to visit popular sites, and potentially infect surfers with malware and intercept communications.

According to a quarterly U.S. Securities and Exchange Commission filing made in October last year, but only highlighted by Reuters reporter Joseph Menn today, the company’s senior management team were not informed by their IT team about the security breaches until September 2011.

Here is the relevant section…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.