Hack forces DigiNotar to bankruptcy

Owner has no plans to re-enter certificate authority business.

VASCO Data Security International said its Netherlands-based unit DigiNotar filed for voluntary bankruptcy under Article 4 of the Dutch Bankruptcy Act, after hackers stole security certificates.

The court declared DigiNotar bankrupt and appointed a bankruptcy trustee and a judge to manage its affairs as it proceeds through the bankruptcy process, VASCO said.

DigiNotar's systems were hacked in mid-July and security certificates were stolen for a number of domains, DigiNotar and its owner VASCO said on August 30.

The Dutch government is still investigating the hacking and the public prosecutor has also just launched a separate investigation.

"While the losses associated with DigiNotar are expected to be significant, we do not expect, given the manner in which the acquisition of DigiNotar was structured, that the value of all of the intangible assets acquired will be fully impaired," VASCO Chief Financial Officer Cliff Bown said in a statement.

DigiNotar sells security certificates, which guarantee that a web surfer is securely connected. A stolen certificate enables a hacker to pretend a web surfer is securely connected to a website without the surfer knowing he is being monitored.

Earlier this month, the Dutch government said that about 300,000 Internet users in Iran have been spied on last month by one or several hackers who stole security certificates from DigiNotar.

"We plan to cooperate with the Dutch government in its investigation of the person or persons responsible for the attack on DigiNotar," VASCO CEO T. Kendall Hunt said.

VASCO said it did not plan to re-enter the certificate authority business in the near future, but expects to integrate DigiNotar's identity verification technology into its authentication platform.

The report by Dutch IT firm Fox-IT listed several Dutch government ministries and companies whose digital certificates were compromised, and said Google, Skype, Microsoft and Facebook were recipients of fraudulent certificates.

Microsoft has already released updates for its Windows software that revokes the trust of certain DigiNotar root certificates by placing them into the Microsoft Untrusted Certificate Store, according to Microsoft website.

In the mean time, VASCO has been losing customers to its rivals.

Dutch telecoms firm KPN had said its IT unit, Getronics, has won new business from customers after hackers stole security certificates from its rival DigiNotar.

VASCO shares have lost about two thirds of their value since their July high of $US14.07 through Monday on Nasdaq.

(Reporting by Supantha Mukherjee in Bangalore; Editing by Maju Samuel and Gopakumar Warrier)