Actually, Entrust reached out about a month ago with this message to me: *On June 18, 2022, we determined that an unauthorized party accessed certain of our systems used for internal operations – functions such as HR, finance, and marketing. We promptly began an investigation with the assistance of a leading third-party cybersecurity firm and have informed law enforcement. *
*While our investigation is ongoing, we have found no indication to date that the issue has affected the operation or security of our products and services, which are run in separate environments from our internal systems and are fully operational. Regarding our Public Certification Authority - all roots are offline and require multiple security cleared people be physically present in a secure room to access.* *We take seriously our responsibility to protect our systems and have been engaged with our customers on the issue. * As stated, there was no impact to our roots as the roots are offline and can only be accessed if two people are physically present in a secure room. Also, our PKI system is on a separated infrastructure, so was not accessed. Since there has been no impact to our PKI and certificate issuance systems, which use roots distributed by your application, we did not raise an incident. Ben On Mon, Aug 22, 2022 at 9:26 AM 'LB' via [email protected] < [email protected]> wrote: > Given news that Entrust were subject to a ransomware attack, which until > now they have not confirmed or given any details on in public - what point > do we need to assume the CAs and CA operations are compromized? > > Should action be taken by Mozilla to eliminate risk and remove trust in > root authority? > > -- > You received this message because you are subscribed to the Google Groups " > [email protected]" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/zEcsmYjEJdXUd-H8gWEsBaGnIx44oLKyjOHxvd7edfkpHSc58eRxXoWH7sfZot5hWqBNaPe-7topJps-0YQQedb1UvuUwvBe4T43dNoSALE%3D%40proton.me > <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/zEcsmYjEJdXUd-H8gWEsBaGnIx44oLKyjOHxvd7edfkpHSc58eRxXoWH7sfZot5hWqBNaPe-7topJps-0YQQedb1UvuUwvBe4T43dNoSALE%3D%40proton.me?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CA%2B1gtaZmE5vqWKiyXwWHbz-AV5piXM0oshc%3DoVrAAw3MVh_NHw%40mail.gmail.com.
