Another Certificate Authority(CA) hacked by Cyber criminals, Gemnet( a subsidiary of KPN) Under cyber attack. They shut down their website as part of Investigating the attack.
According to the Webwereld report,Hackers gained access to database on the server managed by a PHPMyAdmin instance which was not protected by a password. phpMyAdmin is a web interface for managing SQL databases that should not be facing the open internet, password required or not. The attacker then used this web access to gain control over the system and all of the documents contained on it.
Gemnet’s statement:
"The hack of the site has no connection with the issuance and management of Government PKI certificates. The general website Gemnet (www.gemnet.nl) since Wednesday December 7 temporarily not accessible to visitors.
The website, part of KPN, by Internet journalist Brenno de Winter Wednesday afternoon reported a possible hack. The hack would be performed on the server: the server that the general visitor information visible. KPN was immediately launched an investigation into possible causes and origins,"
According to the Webwereld report,Hackers gained access to database on the server managed by a PHPMyAdmin instance which was not protected by a password. phpMyAdmin is a web interface for managing SQL databases that should not be facing the open internet, password required or not. The attacker then used this web access to gain control over the system and all of the documents contained on it.